18 matches found
CVE-2026-6938
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2026-6938
IBM Db2 12.1.0–12.1.4 is vulnerable to an authorization bypass when uploading to a remote object storage path using a special query. The root cause is improper authorization (CWE-285). Affected products/versions: IBM Db2 Server 12.1.0–12.1.4 on Linux/Unix. Impact: authorization bypass potential d...
EUVD-2026-32492
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2026-6938 IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2026-6938 IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2026-6938
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
PT-2026-43981
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 12.1.0 through 12.1.4 Description An authorization bypass occurs when uploading to a remote object storage path using a special query. Recommendations At the moment, there is no information about a newer version that contains ...
Security Bulletin: IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query (CVE-2026-6938)
Summary IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query Vulnerability Details CVEID:CVE-2026-6938 DESCRIPTION: IBM Db2 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...
CVE-2024-49350
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...
Information Disclosure
directmailteam/direct-mail is vulnerable to information disclosure. The extension fails to check if an authenticated backend user has access to pages with newsletter subscriber data when using the "Special query" feature...
GHSA-QWMJ-72MP-Q3M2 Missing Authorization in TYPO3 extension
The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...
Redash 注入漏洞
Redash is a suite of data integration and analysis solutions from Redash Israel. The product supports data integration, data visualization, query editing and data sharing. A security vulnerability exists in Redash version 8.0.0, which stems from the design of a special query that can bypass...
Design/Logic Flaw
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality...
Red Hat Undertow 资源管理错误漏洞
Red Hat Undertow is a U.S. Red Hat Red Hat, a Java-based embedded Web server, is the default Web server Wildfly Java application server. Red Hat Undertow suffers from a denial of service vulnerability that originates from an input validation error to a user, which can be exploited by an attacker ...
MongoDB Code Issues Vulnerabilities
MongoDB is a document-oriented database management system from the American company MongoDB. A code issue vulnerability exists in MongoDB versions v4.2 through 4.2.2. The vulnerability originates from a denial of service in which a user authorized to perform database queries can trigger an...
CVE-2020-12700
The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...
CVE-2020-12700
The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...
Information disclosure
The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...