311 matches found
CVE-2025-36070 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables...
CVE-2025-36098
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...
CVE-2025-36184 IBM Db2 Privilege Escalation
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365 IBM Db2 Privilege Escalation
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36366
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...
CVE-2025-36407 IBM Db2 Denial of Service
IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...
CVE-2025-36423 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2025-36423
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2025-36424 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2025-36427 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic...
CVE-2025-36428 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled...
CVE-2025-36428
CVE-2025-36428 affects IBM Db2 for Linux, UNIX and Windows (incl. Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The issue is a denial of service caused by improper neutralization of special elements in data query logic when the RPSCAN feature is enabled. An authenticated user can ...
CVE-2025-36442
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns...
IBM Db2 security vulnerabilities
IBM Db2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows servers. Versions 11.5.0 to 11.5.9 of IBM Db2 contain security vulnerabilities. These vulnerabilities allow instance owners to execute...
PT-2026-5451
Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 12.1.0 through 12.1.3 Description The software may allow a local user to...
PT-2026-5461
Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 12.1.0 through 12.1.3 Description The software may experience a denial of...
Security Bulletin: IBM® Db2® is vulnerable to a denial of service when copying large tables containing XML data (CVE-2025-36123)
Summary IBM® Db2® could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources. Vulnerability Details CVEID:CVE-2025-36123 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow ...
Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL on IBM Cloud Pak for Data
Summary Multiple vulnerabilities in IBM Db2 12.1 affect IBM® Db2® Big SQL 7 and 8 on IBM Cloud Pak for Data 5.2 and earlier. Vulnerability Details CVEID:CVE-2025-33012 DESCRIPTION: IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux...
IBM DB2 Privilege Escalation (7250486) (Windows)
According to its self-reported version number, IBM Db2 on Windows may be affected by a vulnerability: - IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a local user to cause a denial of service due to improper neutralization of special elements in...