Lucene search
K

310 matches found

RedhatCVE
RedhatCVE
added 2026/02/19 1:28 a.m.11 views

CVE-2025-27899

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...

5.3CVSS5.4AI score0.00197EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/18 10:25 p.m.9 views

Security Bulletin: IBM Database Operator for FoundationDB is affected by zlib vulnerability (CVE-2018-25032)

Summary Foundation DB will ship an updated zlib to address this CVE. Though zlib is used for internal communication and vulnerability dislcoed here does not impact Foundation DB. Vulnerability Details CVEID:CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory...

7.5CVSS8.6AI score0.52063EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/18 7:30 p.m.6 views

CVE-2025-33130

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 8:22 p.m.6 views

CVE-2025-27900

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...

6.8CVSS0.00137EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 8:22 p.m.6 views

CVE-2025-27904

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

6.5CVSS0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 8:22 p.m.11 views

CVE-2025-27898

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system...

6.3CVSS0.00154EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 7:11 p.m.21 views

CVE-2025-13108

CVE-2025-13108 affects IBM Db2 Merge Backup for Linux, UNIX and Windows, version 12.1.0.0. The root cause is a buffer not properly cleared, which could allow an attacker to access sensitive information stored in memory. The vulnerability is documented across multiple sources (IBM, Red Hat, NVD, e...

7.5CVSS5.7AI score0.0018EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/17 6:20 p.m.3 views

CVE-2025-13867

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 5:13 p.m.9 views

CVE-2025-36247 IBM Db2 XML External Entity Reference

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo...

7.1CVSS5.7AI score0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 5:13 p.m.5 views

CVE-2025-36425

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration...

5.3CVSS5.4AI score0.00174EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/17 5:13 p.m.25 views

CVE-2025-36425

CVE-2025-36425 is an IBM Db2 information-disclosure issue affecting IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The vulnerability allows an authenticated user to obtain sensitive information under specific HADR configurations, per I...

6.5CVSS5.4AI score0.00174EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/17 5:13 p.m.26 views

CVE-2025-13867 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS0.00233EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 5:13 p.m.18 views

CVE-2025-13867

CVE-2025-13867 affects IBM Db2 for Linux, UNIX and Windows (incl. Db2 Connect Server) 11.5.0–11.5.9 and 12.1.0–12.1.3. An authenticated user can trigger a denial of service due to improper neutralization of special elements in data query logic. The connected IBM bulletins confirm DoS risk (and re...

6.5CVSS5.5AI score0.00233EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/17 5:12 p.m.24 views

CVE-2025-14689 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects...

6.5CVSS0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 5:12 p.m.4 views

CVE-2025-14689 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects...

6.5CVSS5.5AI score0.0024EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/17 8:0 a.m.14 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations.(CVE-2025-36407)

Summary IBM® Db2® is vulnerable to a denial of service due to improper neutralization of special elements in data query logic. Vulnerability Details CVEID:CVE-2025-36407 DESCRIPTION: IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...

6.5CVSS5.5AI score0.00275EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.9 views

IBM DB2 Merge Backup 安全漏洞

IBM DB2 Merge Backup is a database-assisted backup tool developed by IBM. Version 12.1.0.0 of IBM DB2 Merge Backup contains a security vulnerability. This vulnerability stems from an error in calculating buffer sizes, which could allow authenticated users to cause the program to crash...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.6 views

PT-2026-20224

Name of the Vulnerable Software and Affected Versions IBM DB2 Merge Backup for Linux, UNIX and Windows version 12.1.0.0 Description A flaw exists in IBM DB2 Merge Backup for Linux, UNIX and Windows version 12.1.0.0 where a buffer does not properly clear resources, potentially allowing an attacker...

7.5CVSS6.1AI score0.0018EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.9 views

IBM Db2 代码问题漏洞

IBM Db2 is the United States International Business Machines IBM company developed a set of relational database management system, it is the main operating environment for UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. An XML external entit...

8.2CVSS5.8AI score0.00296EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.6 views

IBM Db2 输入验证错误漏洞

IBM DB2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows server versions. Version 5.5 Interim Fix 002 of IBM DB2 Recovery Expert for LUW contains a vulnerability related to input validation...

6.8CVSS5.8AI score0.00137EPSS
Exploits0References1
Rows per page
Query Builder