310 matches found
IBM Db2 日志信息泄露漏洞
IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain a vulnerability related to log information leakage. This vulnerability stems from the storage of potentially sensitive information in log files, which may allow...
Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.
Summary IBM Application Performance Management is vulnerable to denial of service, remote code execution, information disclosures and other vulnerabilities due to bundled product IBM ® Db2. This bulletin identifies the steps to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-361...
Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data
Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...
CVE-2026-1577
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...
EUVD-2026-26439
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2025-36122 IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to automatic
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources...
EUVD-2025-209600
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exist...
CVE-2025-14688
CVE-2025-14688 affects IBM Db2 Server on Linux, UNIX, and Windows (V11.5.0–11.5.9; V12.1.0–12.1.3; includes Db2 Connect Server) where an authenticated user can trigger a denial of service due to improper neutralization of special elements in data query logic under specific configuration condition...
CVE-2025-14688
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exist...
CVE-2025-14688 IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exist...
IBM Db2 安全漏洞
IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.3 of IBM Db2 contain security vulnerabilities. These vulnerabilities stem from improper allocation of system resources, which may allow authenticated users to cause denial-of-service...
IBM Db2 安全漏洞
IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain security vulnerabilities. These vulnerabilities stem from improper neutralization of special elements in the data query logic, which may cause denial-of-service...
IBM DB2 Multiple DoS (7269433, 7269434, 7269424, 7267642) (Windows)
According to its self-reported version number, IBM Db2 is affected by multiple denial of service vulnerabilities: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in...
EUVD-2026-25125
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2026-1352 IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...
PT-2026-34577
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...
Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to automatic (CVE-2025-36122)
Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to AUTOMATIClimit. Vulnerability Details CVEID:CVE-2025-36122 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial...
Security Bulletin: IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations (CVE-2025-14688)
Summary IBM® Db2® is vulnerable to a denial of service when fetching from certain tables when the following configurations are set: DB2WORKLOAD=ANALYTICS or intraparallel is set to YES, as well as DB2EXTENDEDOPTIMIZATION=NLJNOFLOW ON. Vulnerability Details CVEID:CVE-2025-14688 DESCRIPTION: IBM Db...
Linux Distros Unpatched Vulnerability : CVE-2026-3856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying t...
Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.
Summary IBM Application Performance Management is vulnerable to denial of service, remote code execution, information disclosures and other vulnerabilities due to bundled product IBM ® Db2. This bulletin identifies the steps to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-362...