Lucene search
K

64 matches found

EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40393

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns...

6.5CVSS5.8AI score0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 12:43 p.m.6 views

CVE-2026-52759 Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory Allocation in Mach-O Parser

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/27 1:11 p.m.42 views

CVE-2026-6938 IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

6.5CVSS0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 1:9 p.m.10 views

CVE-2026-6052 IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 1:9 p.m.11 views

EUVD-2026-32489

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 1:7 p.m.38 views

CVE-2026-6051 IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

5.5CVSS0.00177EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43981

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 12.1.0 through 12.1.4 Description An authorization bypass occurs when uploading to a remote object storage path using a special query. Recommendations At the moment, there is no information about a newer version that contains ...

7.5CVSS5.8AI score0.00185EPSS
Exploits0References3
CVE
CVE
added 2026/04/30 9:48 p.m.69 views

CVE-2025-36122

CVE-2025-36122 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.3 for Linux, UNIX and Windows (including DB2 Connect Server). An authenticated user can cause a denial of service via a specially crafted SQL query due to improper allocation of system resources when stmtheap is set to AUTOMATIC. CVSS v...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/30 9:48 p.m.6 views

EUVD-2025-209601

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 9:48 p.m.29 views

CVE-2025-14688

CVE-2025-14688 affects IBM Db2 Server on Linux, UNIX, and Windows (V11.5.0–11.5.9; V12.1.0–12.1.3; includes Db2 Connect Server) where an authenticated user can trigger a denial of service due to improper neutralization of special elements in data query logic under specific configuration condition...

5.3CVSS5.2AI score0.00221EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.9 views

IBM Guardium Data Protection 跨站脚本漏洞

IBM Guardium Data Protection is a comprehensive data security platform developed by the American company International Business Machines IBM. Version 12.1 of IBM Guardium Data Protection contains a cross-site scripting vulnerability. This vulnerability stems from stored-cross-site scripts, which...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/22 11:30 p.m.4 views

CVE-2026-1274 IBM Guardium Data Protection is affected by multiple vulnerabilities

IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...

4.9CVSS5.8AI score0.003EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/30 12:38 p.m.20 views

CVE-2026-4266 WatchGuard Firebox Insecure Deserialization in Fireware Access Portal

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...

8.4CVSS0.00286EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.5 views

PT-2026-26260

A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...

7.6CVSS5.6AI score0.0017EPSS
Exploits0References3
CNVD
CNVD
added 2026/03/02 12:0 a.m.3 views

XML External Entity Injection Vulnerability in IBM Db2

IBM Db2 is the United States International Business Machines IBM company developed a set of relational database management system, it is the main operating environment for UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. An XML external entit...

8.2CVSS6.5AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 5:13 p.m.9 views

CVE-2025-36247 IBM Db2 XML External Entity Reference

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo...

7.1CVSS5.7AI score0.00296EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 5:13 p.m.21 views

CVE-2025-36425

CVE-2025-36425 is an IBM Db2 information-disclosure issue affecting IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The vulnerability allows an authenticated user to obtain sensitive information under specific HADR configurations, per I...

6.5CVSS5.4AI score0.00174EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/17 5:13 p.m.5 views

CVE-2025-36425

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration...

5.3CVSS5.4AI score0.00174EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.11 views

PT-2026-20227

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description An authenticated user may be able to cause a denial of service due to improper neutralization of special elements in data query logic. Recommendations...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/01 3:14 a.m.11 views

CVE-2025-36424

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS5.3AI score0.00328EPSS
Exploits0References1
Rows per page
Query Builder