CVE-2025-13867

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

Linux Distros Unpatched Vulnerability : CVE-2025-36366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject...

Linux Distros Unpatched Vulnerability : CVE-2025-2668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticat...

Linux Distros Unpatched Vulnerability : CVE-2025-36387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given...

CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

UBUNTU-CVE-2025-36428

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled...

UBUNTU-CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

PT-2026-5450

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.5.0 through 11.5.9 Description The software may allow an instance owner to execute malicious code, potentially escalating their privileges to root due to the execution...

PT-2026-5458

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 12.1.0 through 12.1.3 Description The software may allow a local user to...

CVE-2023-25930

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862...

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 2 of 2)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-33092 DESCRIPTION: IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is...

CVE-2025-33092

IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...

CVE-2025-2533

IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-2518

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2024-37071

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation...

PT-2024-24265 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.1 and 11.5 Description: The issue is a denial of service under specific non-default configurations, where the server may crash when using a specially crafted SQL...

PT-2024-21775 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to a denial of service condition that can be triggered with a specially crafted query under certain conditions...

PT-2023-5539 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to insufficient input validation in the database management system, which can be exploited by a remote attacker to...

CVE-2021-29703

Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659...