CVE-2025-36131

CVE-2025-36131 : IBM Db2 (and Db2 Connect Server) clpplus can expose user credentials in the terminal when there is physical access. The connected IBM bulletin for Cloud Pak for Data indicates remediation via upgrading IBM Db2 Big SQL to version 8.3 or later on Cloud Pak for Data 5.3+ (upgrade pa...

CVE-2025-36185 IBM Db2 denial of service

IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36186 IBM Db2 privilege escalation

IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

CVE-2025-2534 IBM Db2 denial of service

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2024-47118 IBM Db2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

PT-2025-45494

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.1.0 through 11.1.4.7 IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description The clpplus command in IBM Db2 can reveal user credentials on the terminal, potentially allowing a third party...

EUVD-2014-6045

Malware in sbrugna...

EUVD-2014-5983

Malware in sbrugna...

EUVD-2011-0744

Malware in sbrugna...

EUVD-2021-16177

Malware in sbrugna...

EUVD-2011-0769

Malware in sbrugna...

EUVD-2023-34865

Malicious code in bioql PyPI...

CVE-2024-49828

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2024-49350 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2024-28762

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246...

CVE-2024-35152

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639...

CVE-2023-30991

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 254037...

CVE-2023-30442

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. IBM X-Force ID: 253202...

CVE-2023-30431

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184...

CVE-2023-27559

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196...