15 matches found
Denial of Service Vulnerability in IBM Db2
IBM Db2 is a set of relational database management system developed by the United States International Business Machines IBM Corporation, and its main operating environments are UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, as well as Windows server versions. A denial...
CVE-2025-36247
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo...
CVE-2025-36247
CVE-2025-36247 affects IBM Db2 for Linux/UNIX/Windows (including Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The vulnerability is an XML External Entity (XXE) injection when processing XML data, enabling potential disclosure of sensitive information or memory resource consumptio...
CVE-2025-36428
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled...
EUVD-2025-206553
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables...
EUVD-2025-206557
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...
UBUNTU-CVE-2025-36001
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion...
CVE-2025-36009 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to excessive use of a global variable...
CVE-2025-36384
CVE-2025-36384 affects IBM Db2 for Windows versions 12.1.0–12.1.3. The root cause is an unquoted search path element, enabling a local user with filesystem access to escalate privileges. IBM’s advisory notes a CVSSv3.1 base score of 8.4 (PR:N, UI:N, AV:L, AC:L, C:H/I:H/A:H) and indicates Windows ...
PT-2026-5453
Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 12.1.0 through 12.1.3 Description The software may allow a local user to...
IBM DB2 Privilege Escalation (7250486) (Unix)
According to its self-reported version number, IBM Db2 on Unix may be affected by a vulnerability: - IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privilege...
CVE-2025-36186
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
CVE-2025-36186 IBM Db2 privilege escalation
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
PT-2025-45489
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 12.1.0 through 12.1.3 Description IBM Db2, under specific configurations, may allow a local user to execute malicious code and escalate privileges to root. This is due to the execution of operations at a higher privilege level...
F5 BIG-IP APM Information Disclosure Vulnerability (CNVD-2019-07130)
F5 BIG-IP Access Policy Manager APM is a suite of access and security solutions from F5 America. The solution provides unified access to business-critical applications and networks. portal access is one of the portal access components. A security vulnerability exists in portal access in F5 BIG-IP...