56 matches found

CVE
added 2026/05/27 1:9 p.m., 7 views

CVE-2026-6052

IBM Db2 is vulnerable to memory exhaustion when executing certain queries involving MDC tables. Affected products and versions: IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4. IBM’s advisory notes that mitigation includes applying interim special builds (V11.5.9 and V12.1.4) via Fix Central and avoiding...

CVSS 7.5, AI score 5.8, EPSS 0.00047
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2026/05/27 12:0 a.m., 8 views

PT-2026-43979

Name of the Vulnerable Software and Affected Versions: IBM Db2 versions 11.5.0 through 11.5.9; IBM Db2 versions 12.1.0 through 12.1.4. Description: A denial of service can occur when a specially crafted query is executed using range partitioned tables. Recommendations: At the moment, there is no...

CVSS 5.5, AI score 5.8, EPSS 0.00014
Exploits: 0, References: 3

CNNVD
added 2026/05/27 12:0 a.m., 5 views

IBM Db2 security vulnerability

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain security vulnerabilities. These vulnerabilities arise from the use of range partition tables when special queries are executed, and could lead to denial-of-servic...

CVSS 5.5, AI score 5.8, EPSS 0.00014
Exploits: 0, References: 2

CNNVD
added 2026/05/26 12:0 a.m., 4 views

IBM Db2 log information disclosure vulnerability

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain a vulnerability related to log information leakage. This vulnerability stems from the storage of potentially sensitive information in log files, which may allow...

CVSS 5.5, AI score 5.8, EPSS 0.00012
Exploits: 0, References: 1

IBM Security Bulletins
added 2026/05/21 4:35 p.m., 3 views

Security Bulletin: A vulnerability in IBM Semeru affects IBM® Db2®. (Jan 2026 CPU)

Summary: There is a vulnerability in IBM Semeru Version 21.0.9.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in Jan 2026. Vulnerability Details: CVEID: CVE-2026-1188. DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API...

CVSS 9.8, AI score 7.5, EPSS 0.00025
Exploits: 0, Affected Software: 1

Vulnrichment
added 2026/04/30 9:49 p.m., 1 views

CVE-2026-1577 IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVSS 6.5, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 1

Positive Technologies
added 2026/04/22 12:0 a.m., 1 views

PT-2026-34577

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVSS 6.5, AI score 5.8, EPSS 0.00061
Exploits: 0, References: 2

RedhatCVE
added 2025/05/22 8:7 a.m., 5 views

CVE-2019-7287

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges...

CVSS 9.3, AI score 7.3, EPSS 0.04869
Exploits: 0, References: 1

OpenVAS
added 2024/06/20 12:0 a.m., 19 views

Foxit PhantomPDF Multiple Vulnerabilities (June-2 2024)

Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:foxitsoftware:phantompdf";...

CVSS 8.8, AI score 8.9, EPSS 0.02212
Exploits: 5, References: 1

OSV
added 2024/05/28 9:18 p.m., 16 views

GHSA-RPJ9-XJWM-WR6W Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality

Impact: Stored cross-site scripting (XSS) enables attackers to inject malicious code into Print Functionality. Patches: 12.1.4, 10.0.5. References: https://docs.umbraco.com/umbraco-commerce/release-notesid-13.0.0-december-13th-2023...

CVSS 5.4, AI score 5.4, EPSS 0.00268
Exploits: 0, References: 4

CNNVD
added 2024/05/28 12:0 a.m., 1 views

Umbraco Commerce security vulnerability

Umbraco Commerce is an e-commerce solution from Umbraco, Denmark. A security vulnerability exists in Umbraco Commerce that stems from a stored cross-site scripting (XSS) vulnerability in the Print feature. Affected products and versions: Umbraco Commerce versions prior to 12.1.4, versions prior to...

CVSS 5.4, AI score 5, EPSS 0.00268
Exploits: 0, References: 3

NVD
added 2022/09/06 7:15 p.m., 7 views

CVE-2022-31789

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

CVSS 9.8, EPSS 0.04037
Exploits: 0, References: 1

NVD
added 2022/09/06 7:15 p.m., 12 views

CVE-2022-31792

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...

CVSS 5.4, EPSS 0.00216
Exploits: 0, References: 1

Prion
added 2022/09/06 7:15 p.m., 11 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...

CVSS 4.9, AI score 5.3, EPSS 0.00216
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2022/09/06 7:15 p.m., 11 views

Integer overflow

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

CVSS 7.5, AI score 9.8, EPSS 0.04037
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/09/06 6:26 p.m., 16 views

CVE-2022-31791

WatchGuard Firebox and XTM appliances allow a local attacker that has already obtained shell access to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

AI score 8.3, EPSS 0.00174
Exploits: 0, References: 1

Cvelist
added 2022/09/06 6:24 p.m., 13 views

CVE-2022-31792

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...

AI score 5.5, EPSS 0.00216
Exploits: 0, References: 1

CVE
added 2022/09/06 6:16 p.m., 42 views

CVE-2022-31789

WatchGuard Firebox and XTM appliances are affected by an integer overflow that can trigger a buffer overflow via requests to exposed management ports, allowing an unauthenticated remote attacker to potentially execute arbitrary code. The issue is documented across multiple sources (NVD/Red Hat/NC...

CVSS 9.8, AI score 9.8, EPSS 0.04037
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2022/09/06 6:15 p.m., 3 views

CVE-2022-31790

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

CVSS 7.5, AI score 5.8, EPSS 0.00623
Exploits: 1, References: 3

Prion
added 2022/09/06 6:15 p.m., 12 views

Design/Logic Flaw

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

CVSS 5, AI score 7.6, EPSS 0.00623
Exploits: 1, References: 3, Affected Software: 1