Lucene search
+L

9 matches found

CNVD
CNVD
added 2026/03/02 12:0 a.m.3 views

XML External Entity Injection Vulnerability in IBM Db2

IBM Db2 is the United States International Business Machines IBM company developed a set of relational database management system, it is the main operating environment for UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. An XML external entit...

8.2CVSS6.5AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 5:13 p.m.9 views

CVE-2025-36247 IBM Db2 XML External Entity Reference

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo...

7.1CVSS5.7AI score0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.15 views

PT-2026-20227

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description An authenticated user may be able to cause a denial of service due to improper neutralization of special elements in data query logic. Recommendations...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.6 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 versions 12.1.0 through 12.1.3, which stems from performing an unnecessarily...

7.8CVSS6.3AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2021/04/22 10:15 p.m.6 views

CVE-2021-2156

Vulnerability in the Oracle Customers Online product of Oracle E-Business Suite component: Customer Tab. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customers...

8.1CVSS6.8AI score0.01015EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/15 12:0 a.m.4 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44270)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. CRM Technical Foundation is one ...

8.2CVSS9.2AI score0.01256EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/15 12:0 a.m.4 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44278)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in the Setup of Mobil...

9.1CVSS9.2AI score0.01641EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.3 views

Unspecified Vulnerability in Oracle E-Business Suite Marketing

Oracle E-Business Suite is a comprehensive suite of enterprise-class business applications. Oracle E-Business Suite versions 12.1.1, 12.1.2, 12.1.3 contain a security vulnerability in the Marketing component, which can be exploited by remote attackers to compromise confidentiality, integrity...

8.2CVSS6.9AI score0.02093EPSS
Exploits0References1
OSV
OSV
added 2016/04/21 10:59 a.m.8 views

CVE-2016-0675

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0700...

6.1CVSS7.3AI score0.01907EPSS
Exploits0References3
Rows per page
Query Builder