7 matches found
IBM DB2 Multiple Vulnerabilities (7257697, 7257698) (Windows)
According to its self-reported version number, IBM Db2 on Windows may be affected by a multiple vulnerabilities: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper...
CVE-2025-36442
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns...
CVE-2025-36442 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns...
CVE-2025-54251
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access...
The vulnerability of the query_to_xml_and_xmlschema/table_to_xml/table_to_xml_and_xmlschema function in the Apache Superset data visualization software allows a hacker to execute arbitrary SQL code.
The vulnerability of the querytoxmlandxmlschema/tabletoxml/tabletoxmlandxmlschema function exists due to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
Security Bulletin: IBM® DB2® XML Query Will Cause Excessive CPU Usage (CVE-2014-8901)
Summary IBM DB2 contains a security vulnerability which could allow a remote, authenticated user to exploit a vulnerability in DB2's XML library to cause a disruption of service. Vulnerability Details CVE ID: CVE-2014-8901 DESCRIPTION: IBM DB2 contains a disruption of service vulnerability. A...
Microsoft SQL Server 2000 - SQLXML Script Injection
Microsoft SQL Server 2000 - SQLXML Script Injection source: https://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various method...