Lucene search
K

4 matches found

CNVD
CNVD
added 2026/03/02 12:0 a.m.3 views

XML External Entity Injection Vulnerability in IBM Db2

IBM Db2 is the United States International Business Machines IBM company developed a set of relational database management system, it is the main operating environment for UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. An XML external entit...

8.2CVSS6.5AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 5:13 p.m.9 views

CVE-2025-36247 IBM Db2 XML External Entity Reference

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo...

7.1CVSS5.7AI score0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.14 views

PT-2026-20227

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description An authenticated user may be able to cause a denial of service due to improper neutralization of special elements in data query logic. Recommendations...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.6 views

IBM Db2 security vulnerabilities

IBM Db2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows servers. Versions 11.5.0 to 11.5.9 of IBM Db2 contain security vulnerabilities. These vulnerabilities allow instance owners to execute...

7.2CVSS5.9AI score0.00471EPSS
Exploits0References3
Rows per page
Query Builder