CVE-2009-4326

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature DPF is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicti...

EUVD-2019-13708

Malware in sbrugna...

EUVD-2019-13664

Malware in sbrugna...

EUVD-2014-8728

Malware in sbrugna...

EUVD-2010-3717

Malware in sbrugna...

EUVD-2018-12360

Malware in sbrugna...

EUVD-2003-0888

Malware in sbrugna...

EUVD-2019-14195

Malware in sbrugna...

EUVD-2024-35203

Malicious code in bioql PyPI...

CVE-2025-36117

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system...

CVE-2025-36116

Summary: CVE-2025-36116 affects IBM Db2 Mirror for i GUI versions 7.4, 7.5, and 7.6. The vulnerability is a cross-site WebSocket hijacking flaw that could allow an unauthenticated attacker to sniff an existing WebSocket connection and remotely perform operations the user is not allowed to perform...

CVE-2025-3050

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when using Q replication due to the improper allocation of CPU resources...

CVE-2024-25030

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677...

Security Bulletin: Multiple IBM® Db2® security vulnerability fixes

Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletins referred here to remedy the vulnerabilities. IBM® Db2® is vulnerable to denial of service under specific conditions CVE-2024-45663, CVE-2024-41761, CVE-2024-41762, CVE-2024-37071...

CVE-2023-29257 IBM Db2 code execution

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011...

CVE-2004-1372

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via 1 a long third argument to the rec2xml function or 2 a long filename argument to the generatedistfile procedure...

CVE-2003-1050

Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to 1 db2start, 2 db2stop, or 3 db2govd...

SRT2003-11-06-0710 - IBM DB2 Multiple local security issues

Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

IBM DB2 - 'db2stop' Command Line Argument Local Overflow

source: https://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to a lack of sufficient boundary checks performed on user...

CVE-2001-0051

IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database...