CVE-2025-36070 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables...

CVE-2025-36098

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2025-36123 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources...

CVE-2025-36184 IBM Db2 Privilege Escalation

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

CVE-2025-36353 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36365

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...

CVE-2025-36365 IBM Db2 Privilege Escalation

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...

CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

CVE-2025-36387 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given specially crafted query...

CVE-2025-36407 IBM Db2 Denial of Service

IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...

CVE-2025-36423

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36423 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36424

IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) is affected by CVE-2025-36424. The connected IBM security bulletin specifies that vulnerable releases are Db2 Server on platforms; version ranges affected are Db2 11.5.0–11.5.9 and Db2 12.1.0–12.1.3. The issue is a denial-of-servi...

CVE-2025-36424 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36427 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic...

CVE-2025-36428

CVE-2025-36428 affects IBM Db2 for Linux, UNIX and Windows (incl. Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The issue is a denial of service caused by improper neutralization of special elements in data query logic when the RPSCAN feature is enabled. An authenticated user can ...

CVE-2025-36428 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled...

CVE-2025-36442

IBM Db2 on Linux/UNIX/Windows (includes Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3 are vulnerable to denial of service. A crafted query involving XML columns may crash the server (CVE-2025-36442). A related issue (CVE-2025-36428) affects RPSCAN-related logic and could also enabl...

CVE-2025-36442

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns...

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...