89 matches found
CVE-2026-6938
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2026-6938
IBM Db2 12.1.0–12.1.4 is vulnerable to an authorization bypass when uploading to a remote object storage path using a special query. The root cause is improper authorization (CWE-285). Affected products/versions: IBM Db2 Server 12.1.0–12.1.4 on Linux/Unix. Impact: authorization bypass potential d...
EUVD-2026-32492
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2026-6938
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
IBM Db2 授权问题漏洞
IBM Db2 is a relational database management system developed by IBM Corporation. Versions 12.1.0 to 12.1.4 of IBM Db2 contain an authorization vulnerability. This vulnerability arises from an authorization bypass that occurs when data is uploaded to a remote object storage path...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the remote read endpoint when processing snappy-compressed request bodies. An attacker can cause excessive memory allocation and crash the process by sending specially crafted payloads...
[SECURITY] Fedora 44 Update: rust-sccache-0.14.0-2.fc44
Sccache is a ccache-like tool. It is used as a compiler wrapper and avoids compilation when possible. Sccache has the capability to utilize caching in remote storage environments, including various cloud storage options, or alternatively, in local storage...
[SECURITY] Fedora 43 Update: rust-sccache-0.14.0-2.fc43
Sccache is a ccache-like tool. It is used as a compiler wrapper and avoids compilation when possible. Sccache has the capability to utilize caching in remote storage environments, including various cloud storage options, or alternatively, in local storage...
FreePBX filestore authenticated command injection
This module exploits an authenticated command injection vulnerability CVE-2025-64328 in the FreePBX filestore module. The filestore module allows administrators to configure remote file storage backends SSH, FTP, etc. for backup and file management purposes. The vulnerability exists in the SSH...
Rucio WebUI has a Stored Cross-site Scripting (XSS) Vulnerability in its Custom RSE Attribute
Summary A stored Cross-site Scripting XSS vulnerability was identified in the Custom RSE Attribute of the WebUI where attacker-controlled input is persisted by the backend and later rendered in the WebUI without proper output encoding. This allows arbitrary JavaScript execution in the context of...
EUVD-2026-8727
Rucio WebUI has Stored Cross-site Scripting XSS in RSE Metadata...
[SECURITY] Fedora 42 Update: rust-sccache-0.12.0-3.fc42
Sccache is a ccache-like tool. It is used as a compiler wrapper and avoids compilation when possible. Sccache has the capability to utilize caching in remote storage environments, including various cloud storage options, or alternatively, in local storage...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
EUVD-2025-206558
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365 IBM Db2 Privilege Escalation
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...
CVE-2025-36365
IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3 are affected by an authorization bypass via a user-controlled key when cataloged remote storage aliases are configured. An authenticated user could execute unauthorized commands. Remediatio...