CVE-2025-36098 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2022-23878

seacms V11.5 is affected by an arbitrary code execution vulnerability in adminconfig.php...

EUVD-2022-28803

Malicious code in bioql PyPI...

Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825)

Summary IBM® Db2® could disclose sensitive information when using ADMINCMD with LOAD or BACKUP. Note: In addition to applying Special Build, registry variable DB2LOADRESTRICTEDIOPATH needs to be set to USEEXTBLLOCATION 11.1 or later, or one or more semi-colon separated paths. When using...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service when a specially crafted request is used via CLI. (CVE-2023-45178)

Summary IBM® Db2® is vulnerable to a denial of service when a specially crafted request is used via CLI. Vulnerability Details CVEID:CVE-2023-45178 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server CLI is vulnerable to a denial of service when a specially crafted reques...

Security Bulletin: IBM DB2 used by IBM Security Verify Governance has multiple vulnerabilities

Summary Information about security vulnerabilities affecting IBM DB2 has been published in security bulletins. IBM Security Verify Governance components Verify Governance, Identity Manager - Software, Identity Manager - Virtual Appliance, and Identity Manager - Container ship with IBM DB2...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted SQL statement (CVE-2023-38740)

Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted SQL statement. Vulnerability Details CVEID:CVE-2023-38740 DESCRIPTION: IBM Db2 for Linux, UNIX, and Windows includes Db2 Connect Server is vulnerable to a denial of service with a specially crafted SQL statement. CVSS...

Security Bulletin: IBM® Db2® is vulnerable to insufficient audit logging. (CVE-2023-23487)

Summary IBM® Db2® is vulnerable to insufficient audit logging. Vulnerability Details CVEID: CVE-2023-23487 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to insufficient audit logging. CVSS Base score: 4.3 CVSS Temporal Score: See:...

Security Bulletin: IBM® Db2® is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. (CVE-2023-29257)

Summary IBM® Db2® is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. Vulnerability Details CVEID:CVE-2023-29257 DESCRIPTION: IBM Db2 is vulnerable to remote code execution as a...

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure vulnerabilitiy due to improper privilege management when a specially crafted table access is used. (CVE-2022-43927)

Summary IBM® Db2® is vulnerable to an information disclosure vulnerability due to improper privilege management when a specially crafted table access is used. Vulnerability Details CVEID:CVE-2022-43927 DESCRIPTION: IBM Db2 is vulnerable to information Disclosure due to improper privilege manageme...

Security Bulletin: Multiple vulnerabilities in Apache Log4j affects some features of IBM® Db2® (CVE-2021-45046, CVE-2021-45105)

Summary Apache Log4j open source library used by IBM® Db2® is affected by multiple vulnerabilities that could allow a remote attacker to execute arbitrary code on the system or cause a denial of service. This library is used by the Db2 Federation feature. The fix for the vulnerability is to updat...

Security Bulletin: Security vulnerabilities have been identified in IBM DB2 used by IBM Security Verify Governance, Identity Manager virtual appliance component

Summary Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Security Verify...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service (CVE-2022-22389)

Summary IBM® Db2® is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. Vulnerability Details CVEID: CVE-2022-22389 DESCRIPTION: IBM Db2 is vulnerable to a denial of service as the server may terminate...

seacms arbitrary code execution vulnerability

seacms Ocean Video Management System is a video-on-demand system designed for webmasters with different needs. seacms V11.5 has an arbitrary code execution vulnerability, which can be exploited by attackers to write malicious files to the site and execute commands...

CVE-2022-23878

seacms V11.5 is affected by an arbitrary code execution vulnerability in adminconfig.php...

Remote code execution

seacms V11.5 is affected by an arbitrary code execution vulnerability in adminconfig.php...

CVE-2022-23878

seacms V11.5 is affected by an arbitrary code execution vulnerability in adminconfig.php...

CVE-2022-23878

CVE-2022-23878 affects seacms V11.5 with an arbitrary code execution vulnerability in admin_config.php. Multiple connected sources confirm that an attacker can write malicious files to the site and execute commands, leading to full impact on affected installations. CVSS data from NVD indicates hi...

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions.(CVE-2021-29752)

Summary IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions.CVE-2021-29752 Vulnerability Details CVEID: CVE-2021-29752 DESCRIPTION: IBM Db2 contains an information disclosure vulnerability, exposing remote storage...

CVE-2021-40313

Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwgtoken in /admin/batchmanagerglobal.php...