Lucene search
+L

1655 matches found

Cvelist
Cvelist
added 2026/05/26 3:46 p.m.45 views

CVE-2025-13755 IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS0.00108EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 3:46 p.m.50 views

CVE-2025-13755

CVE-2025-13755 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (Linux/UNIX/Windows, including Db2 Connect Server). The root cause is that the system can store potentially sensitive information in log files, which could be read by a local user, constituting a credential exposure (CWE-532). Impact ...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.23 views

PT-2026-43277

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description IBM Db2 for Linux, UNIX, and Windows, including DB2 Connect Server, stores potentially sensitive information in log files. This data could be accessed an...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:38 p.m.8 views

Security Bulletin: IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query (CVE-2026-6938)

Summary IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query Vulnerability Details CVEID:CVE-2026-6938 DESCRIPTION: IBM Db2 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

7.5CVSS5.8AI score0.00185EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A out-of-bounds read vulnerability was discovered in Exiv2 versions v0.27.4 and earlier. This vulnerability occurs when Exiv2 is used to read the metadata of a specially...

5.5CVSS6.5AI score0.01051EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-5089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase...

7.3CVSS6.1AI score0.00333EPSS
Exploits0References4
CVE
CVE
added 2026/05/19 6:42 p.m.51 views

CVE-2026-8370

The CVE describes an "Execution with unnecessary privileges" vulnerability in Broadcom Automic Automation Agent Unix, affecting multiple platforms (Linux x64, Linux Power 64 BE/LE, zLinux, AIX, Solaris x64, Solaris SPARC 64) and enabling privilege escalation when running with elevated privileges....

8.5CVSS5.8AI score0.00146EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...

8.3CVSS6.2AI score0.00214EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-7997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege...

7.8CVSS7AI score0.0008EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.10 views

CVE-2026-43167

In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...

5.5CVSS5.6AI score0.00127EPSS
Exploits0
EUVD
EUVD
added 2026/04/30 9:49 p.m.12 views

EUVD-2026-26439

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS5.2AI score0.00335EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 9:48 p.m.6 views

CVE-2025-36122

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/30 9:48 p.m.45 views

CVE-2025-14688 IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exist...

5.3CVSS0.00221EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-7381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation...

9.1CVSS6.1AI score0.00442EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-35249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable...

3.2CVSS7.4AI score0.0011EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.6 views

IBM DB2 Multiple DoS (7269433, 7269434, 7269424, 7267642) (Unix)

According to its self-reported version number, IBM Db2 is affected by multiple denial of service vulnerabilities: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in...

6.5CVSS5.8AI score0.00335EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/22 4:8 p.m.6 views

CVE-2026-35362 uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module

The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...

3.6CVSS5.8AI score0.0018EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 4:8 p.m.35 views

CVE-2026-35362 uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module

The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...

3.6CVSS0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the...

5.5CVSS6.2AI score0.00094EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-40200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly...

8.1CVSS6.1AI score0.00128EPSS
Exploits0References3
Rows per page
Query Builder