1655 matches found
CVE-2025-13755 IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...
CVE-2025-13755
CVE-2025-13755 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (Linux/UNIX/Windows, including Db2 Connect Server). The root cause is that the system can store potentially sensitive information in log files, which could be read by a local user, constituting a credential exposure (CWE-532). Impact ...
PT-2026-43277
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description IBM Db2 for Linux, UNIX, and Windows, including DB2 Connect Server, stores potentially sensitive information in log files. This data could be accessed an...
Security Bulletin: IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query (CVE-2026-6938)
Summary IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query Vulnerability Details CVEID:CVE-2026-6938 DESCRIPTION: IBM Db2 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A out-of-bounds read vulnerability was discovered in Exiv2 versions v0.27.4 and earlier. This vulnerability occurs when Exiv2 is used to read the metadata of a specially...
Linux Distros Unpatched Vulnerability : CVE-2026-5089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase...
CVE-2026-8370
The CVE describes an "Execution with unnecessary privileges" vulnerability in Broadcom Automic Automation Agent Unix, affecting multiple platforms (Linux x64, Linux Power 64 BE/LE, zLinux, AIX, Solaris x64, Solaris SPARC 64) and enabling privilege escalation when running with elevated privileges....
Linux Distros Unpatched Vulnerability : CVE-2026-8571
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...
Linux Distros Unpatched Vulnerability : CVE-2026-7997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege...
CVE-2026-43167
In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...
EUVD-2026-26439
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...
CVE-2025-36122
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources...
CVE-2025-14688 IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exist...
Linux Distros Unpatched Vulnerability : CVE-2026-7381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation...
Linux Distros Unpatched Vulnerability : CVE-2026-35249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable...
IBM DB2 Multiple DoS (7269433, 7269434, 7269424, 7267642) (Unix)
According to its self-reported version number, IBM Db2 is affected by multiple denial of service vulnerabilities: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in...
CVE-2026-35362 uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module
The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...
CVE-2026-35362 uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module
The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...
Linux Distros Unpatched Vulnerability : CVE-2026-31499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the...
Linux Distros Unpatched Vulnerability : CVE-2026-40200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly...