Lucene search
K

310 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/07/06 2:58 p.m.3 views

Security Bulletin: IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372)

Summary IBM® Db2® could disclose sensitive information such as access keys to an authenticated user from the monitoring and event tables. CVE-2025-36372 Vulnerability Details CVEID:CVE-2025-36372 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows...

6.5CVSS5.8AI score0.00303EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/30 8:3 p.m.22 views

CVE-2025-36372

CVE-2025-36372 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.4. The issue allows an authenticated user to disclose sensitive information from the monitoring and event tables due to a vulnerability in access to those tables. Publi...

6.5CVSS5.7AI score0.00303EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/30 8:2 p.m.8 views

EUVD-2026-40406

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling...

9.8CVSS6.4AI score0.0086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-53953

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description An authenticated user can obtain sensitive information from the monitoring and event tables in IBM Db2 for Linux, UNIX, and Windows, including Db2 Connec...

6.5CVSS5.9AI score0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-53954

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description Remote code execution is possible due to improper handling of the pre-authentication DRDA Distributed Relational Database Architecture handshake. This fl...

9.8CVSS6.3AI score0.0086EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 2:16 p.m.13 views

CVE-2025-2669

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation...

6.5CVSS0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 1:18 p.m.3 views

CVE-2025-2669

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation...

6CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.12 views

CVE-2026-6938

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

7.5CVSS5.5AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-1718

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

7.5CVSS5.4AI score0.00362EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-6052

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables...

7.5CVSS0.00243EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:16 p.m.19 views

CVE-2026-1718

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

7.5CVSS0.00362EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 1:10 p.m.10 views

CVE-2026-6053 IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables...

5.5CVSS5.8AI score0.00098EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 1:10 p.m.14 views

EUVD-2026-32490

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables...

5.5CVSS5.8AI score0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 1:9 p.m.39 views

CVE-2026-6052 IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables...

6.5CVSS0.00243EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 1:7 p.m.21 views

CVE-2026-6051

CVE-2026-6051 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4. The vulnerability is a denial of service caused by executing a specially crafted query that consumes the statement heap. Impact is a high availability concern for affected Db2 client and server installations. IBM’s bulletin confirms a...

7.5CVSS5.8AI score0.00177EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 1:7 p.m.14 views

CVE-2026-6051 IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43695

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description A denial of service can occur when autonomous transactions are enabled. This is triggered by the execution of a specially crafted query. Recommendations ...

7.5CVSS5.6AI score0.00362EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.15 views

IBM Db2 授权问题漏洞

IBM Db2 is a relational database management system developed by IBM Corporation. Versions 12.1.0 to 12.1.4 of IBM Db2 contain an authorization vulnerability. This vulnerability arises from an authorization bypass that occurs when data is uploaded to a remote object storage path...

7.5CVSS5.8AI score0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 3:46 p.m.17 views

CVE-2025-13755

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/26 3:46 p.m.48 views

CVE-2025-13755

CVE-2025-13755 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (Linux/UNIX/Windows, including Db2 Connect Server). The root cause is that the system can store potentially sensitive information in log files, which could be read by a local user, constituting a credential exposure (CWE-532). Impact ...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder