EUVD-2021-16299

Malware in sbrugna...

EUVD-2023-42504

Malicious code in bioql PyPI...

CVE-2023-38729

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMINCMD with IMPORT or EXPORT...

Security Bulletin: IBM® Db2® is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT (CVE-2023-38729)

Summary IBM® Db2® is vulnerable to sensitive information disclosure when using ADMINCMD with IMPORT or EXPORT. Note: In addition to applying Special Build, registry variable DB2LOADRESTRICTEDIOPATH needs to be set to USEEXTBLLOCATION 11.1 or later, or one or more semi-colon separated paths. When...

Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825)

Summary IBM® Db2® could disclose sensitive information when using ADMINCMD with LOAD or BACKUP. Note: In addition to applying Special Build, registry variable DB2LOADRESTRICTEDIOPATH needs to be set to USEEXTBLLOCATION 11.1 or later, or one or more semi-colon separated paths. When using...

IBM DB2 Information Disclosure (7145721) (Unix)

According to it self-reported version number, IBM Db2 is affected by an information disclosure vulnerability when using ADMINCMD with IMPORT or EXPORT. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900...

CVE-2023-38729 IBM Db2 information disclosure

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMINCMD with IMPORT or EXPORT...

Security Bulletin: Multiple security vulnerabilities may affect IBM DB2 shipped with Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises

Summary IBM DB2 is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Information about security vulnerabilities affecting DB2 has been published in multiple security bulletins as below. The recommended solution is to upgrade to Fix Pack version...

CVE-2021-29825

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could disclose sensitive information when using ADMINCMD with LOAD or BACKUP. IBM X-Force ID: 204470...

Design/Logic Flaw

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could disclose sensitive information when using ADMINCMD with LOAD or BACKUP. IBM X-Force ID: 204470...

CVE-2021-29825

CVE-2021-29825 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server). The vulnerability could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. IBM’s Security Bulletin for CVE-2021-29825 notes affected Db2 LUW versions include 11.1.x and 11.5.x; remedia...

Security Bulletin: IBM® Db2® is vulnerable to information disclosure (CVE-2019-4524)

Summary Db2 contains an information disclosure vulnerability, exposing remote storage credentials to privileged users, after running LOAD or UPDATE ALERT CFG through the ADMINCMD stored procedure. Vulnerability Details CVEID: CVE-2019-4524 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes...