Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query when lock event monitor is activated (CVE-2024-52894)

Summary IBM® Db2® is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query when lock event monitor is activated. Vulnerability Details CVEID:CVE-2024-52894 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is...

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the ImportSQLTable process of the IBMDB2 JDBC Driver component when handling the connectionurl argument. An attacker can execute arbitrary code by supplying crafted serialized data remotely. Details...

CVE-2025-10768

A flaw has been found in h2oai h2o-3 up to 3.46.08. The impacted element is an unknown function of the file /99/ImportSQLTable of the component IBMDB2 JDBC Driver. This manipulation of the argument connectionurl causes deserialization. The attack may be initiated remotely. The exploit has been...

IBM DB2 DoS (7175943) (Unix)

According to its self-reported version number, IBM Db2 on Unix is vulnerable to a denial of service when querying certain tables using a specially crafted statement. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Default password 'ibmdb2' for account 'db2as' (SSH/Telnet)

The account SPDX-FileCopyrightText: 2003 Chris Foster Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.11863";...