Security Bulletin: IBM Data Server Driver for JDBC and SQLJ is affected by a vulnerability in org.lz4 1.8.0 (CVE-2025-12183)

Summary IBM Data Server Driver for JDBC and SQLJ is affected by a vulnerability in org.lz4 1.8.0 CVE-2025-12183 Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read...

EUVD-2017-10693

Malware in sbrugna...

Security Bulletin: Multiple vulnerabilities in IBM® Db2® affects IBM Security Key Lifecycle Manager.

Summary There are multiple vulnerabiltities in the IBM® Db2® that is shipped with IBM Security Key Lifecycle Manager. These issues were disclosed as part of the IBM® Db2® updates published. These may affect some configurations of IBM Security Key Lifecycle Manager. Vulnerability Details Please...

Security Bulletin: IBM Data Server Driver for JDBC and SQLJ is affected by a 3RD PARTY Unsafe deserialization

Summary Unsafe deserialization in DB2 JDBC driver Vulnerability Details The Db2 JDBC driver deserializes the contents of /tmp/connlicj.bin default path, this is configurable, which leads to object injection and potentially arbitrary code execution depending on the classpath. CVEID: CVE-2017-1677...

Security Bulletin: Vulnerabilities in open source zlib library affect IBM Data Server Driver Package and IBM Data Server Driver for ODBC and CLI

Summary Vulnerabilities have been addressed in the open source zlib library component of IBM Data Server Driver Package and IBM Data Server Driver for ODBC and CLI. Vulnerability Details CVEID: CVE-2016-9840 DESCRIPTION: zlib is vulnerable to a denial of service, caused by an out-of-bounds pointe...

Security Bulletin: Vulnerabilities in Flexera InstallShield and InstallAnywhere affect IBM Data Server Driver packages (CVE-2016-2542, CVE-2016-4560)

Summary Vulnerabilities have been addressed in the Flexera InstallShield and InstallAnywhere componenst of IBM Data Server Driver packages. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to gain elevated privileges on the system, caused ...

Security Bulletin: Vulnerabilities in GSKit affect IBM Data Server Client and Driver packages(CVE-2016-0201, CVE-2015-7420 and CVE-2015-7421)

Summary Vulnerabilities have been addressed in the GSKit component of IBM Data Server Client and Driver packages Vulnerability Details CVEID: CVE-2016-0201 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit th...

IBM DB2 Data Server Driver for JDBC and SQLJ Injection Vulnerabilities

IBM DB2 is a relational database management system from IBM in the United States. The system's execution environments are mainly UNIX, Linux, IBM i, z/OS, and Windows server versions.Data Server Driver for JDBC and SQLJ is one of the data server drivers. A security vulnerability exists in Data...

Design/Logic Flaw

IBM Data Server Driver for JDBC and SQLJ IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999...

CVE-2017-1677

CVE-2017-1677 affects IBM DB2 family via unsafe deserialization in the Data Server Driver for JDBC/SQLJ. The vulnerability occurs when the driver deserializes /tmp/connlicj.bin, enabling object injection and potentially arbitrary code execution depending on the classpath. Affected products/versio...

CVE-2017-1677

IBM Data Server Driver for JDBC and SQLJ IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999...