CVE-2026-6051 IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVE-2025-36407

IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...

CVE-2025-36387 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given specially crafted query...

EUVD-2024-39341

Malicious code in bioql PyPI...

EUVD-2024-22408

Malicious code in bioql PyPI...

CVE-2024-49828

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2024-49828 IBM Db2 for Linux, UNIX and Windows denial of service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-2518

CVE-2025-2518 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) in releases 11.5.0–11.5.9 and 12.1.0–12.1.1, where a specially crafted query may cause the server to crash (DoS). IBM/Security Bulletin notes an interim fix: special build 58840 for V11.5 and V12.1. Upgrading...

Security Bulletin: IBM® Db2® is vulnerable to denial of service under specific conditions (CVE-2024-45663)

Summary IBM® Db2® is vulnerable to denial of service as the server may crash under certain conditions with a specially crafted query. Vulnerability Details CVEID:CVE-2024-45663 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the...

CVE-2024-41762 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2024-37071 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation...

CVE-2024-51164

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

CVE-2024-51164

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

CVE-2024-51164

CVE-2024-51164 (JEPaaS 7.2.8) is a SQL injection in the endpoint “/je/login/btnLog/insertBtnLog” that could allow a remote attacker to submit a crafted query and retrieve all information stored in the database. Affected product: JEPaaS 7.2.8. The public documents consistently describe the vulnera...

CVE-2024-10287

Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ForgotPassword, parameter ListName...

CVE-2024-10288 Cross-Site Scripting (XSS) vulnerability in LocalServer

Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/SubscribeToList, parameter ListName...

CVE-2024-10287 Cross-Site Scripting (XSS) vulnerability in LocalServer

Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ForgotPassword, parameter ListName...

CVE-2024-10287

CVE-2024-10287 describes a Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9. A remote attacker can craft a query to an authenticated user via the /mlss/ForgotPassword endpoint, abusing the ListName parameter to steal session details. The CVSS v3.1 base score is 6.1 (Medium), w...

CVE-2024-10287 Cross-Site Scripting (XSS) vulnerability in LocalServer

Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ForgotPassword, parameter ListName...