CVE-2025-36424

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36427

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic...

CVE-2025-36365

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...

CVE-2025-36387

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given specially crafted query...

CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

CVE-2025-36407

IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...

CVE-2025-36009

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to excessive use of a global variable...

CVE-2025-36098

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

CVE-2025-36070

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables...

CVE-2025-36123

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources...

CVE-2025-36098

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2025-36353

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36001

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion...

CVE-2025-36365

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...

UBUNTU-CVE-2025-36407

IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...

CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

UBUNTU-CVE-2025-36009

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to excessive use of a global variable...

CVE-2025-36070

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables...