1624 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-11935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the...
Linux Distros Unpatched Vulnerability : CVE-2025-13223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2025-40111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vmwgfx: Fix Use-after-free in validation Nodes stored in the validation duplicates hashtable come from an arena allocator that is cleared at the end of...
CVE-2025-40138
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...
Linux Distros Unpatched Vulnerability : CVE-2025-40148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer checks in dcstream cursor attribute functions The function...
Linux Distros Unpatched Vulnerability : CVE-2025-40120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend...
Linux Distros Unpatched Vulnerability : CVE-2025-13022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. CVE-2025-13022 Note that Nessu...
CVE-2025-36006
IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial due to the improper release of resources after use...
CVE-2025-36186
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
CVE-2025-36136
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow a local user to cause a denial of service due to the database monitor script incorrectly detecting that the instance is still starting under specific conditions...
CVE-2025-2534
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...
EUVD-2025-38314
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system...
EUVD-2025-38309
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper allocation of resources...
EUVD-2025-38305
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
CVE-2025-36185
IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2025-36186
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
CVE-2025-36136
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow a local user to cause a denial of service due to the database monitor script incorrectly detecting that the instance is still starting under specific conditions...
CVE-2025-36131
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system...
CVE-2025-36006
IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial due to the improper release of resources after use...
CVE-2025-36006
CVE-2025-36006 affects IBM Db2 and Db2 Connect Server across Linux/Unix/Windows (as listed in the IBM/DB2 Cloud Pak for Data bulletins). The issue is an authenticated-denial of-service caused by improper resource shutdown/release after use. Connected IBM bulletin details show remediation by upgra...