Lucene search

K

70 matches found

CVE
CVE
added 2023/04/26 8:15 p.m.133 views

CVE-2023-27559

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.

7.5CVSS5.8AI score0.00096EPSS
CVE
CVE
added 2024/01/07 7:15 p.m.99 views

CVE-2023-47145

IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402.

8.4CVSS7.3AI score0.00015EPSS
CVE
CVE
added 2024/01/22 8:15 p.m.96 views

CVE-2023-47158

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750.

6.5CVSS6.1AI score0.00036EPSS
CVE
CVE
added 2023/10/16 11:15 p.m.93 views

CVE-2023-30991

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 254037.

7.5CVSS7.2AI score0.00042EPSS
CVE
CVE
added 2024/10/23 2:15 a.m.93 views

CVE-2024-31880

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user.

6.5CVSS5.6AI score0.00172EPSS
CVE
CVE
added 2024/01/22 7:15 p.m.91 views

CVE-2023-50308

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: 273393.

6.5CVSS6.2AI score0.00035EPSS
CVE
CVE
added 2023/10/16 9:15 p.m.87 views

CVE-2023-30987

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440.

7.5CVSS6AI score0.00052EPSS
CVE
CVE
added 2023/04/28 7:15 p.m.84 views

CVE-2023-26021

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864.

7.5CVSS7.4AI score0.00079EPSS
CVE
CVE
added 2023/04/26 1:15 p.m.84 views

CVE-2023-29257

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.

7.2CVSS7.2AI score0.00124EPSS
CVE
CVE
added 2024/01/22 7:15 p.m.84 views

CVE-2023-47746

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644.

6.5CVSS6.2AI score0.00043EPSS
CVE
CVE
added 2024/01/22 8:15 p.m.83 views

CVE-2023-47747

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.

6.5CVSS6.2AI score0.00037EPSS
CVE
CVE
added 2020/11/20 2:15 p.m.81 views

CVE-2020-4739

IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft W...

7.8CVSS7.6AI score0.0007EPSS
CVE
CVE
added 2023/04/28 6:15 p.m.80 views

CVE-2023-25930

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.

5.9CVSS5.5AI score0.00095EPSS
CVE
CVE
added 2023/10/16 11:15 p.m.79 views

CVE-2023-40374

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted query statement. IBM X-Force ID: 263575.

7.5CVSS6AI score0.00035EPSS
CVE
CVE
added 2023/10/16 9:15 p.m.78 views

CVE-2023-38720

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616.

7.5CVSS6AI score0.00051EPSS
CVE
CVE
added 2023/10/16 10:15 p.m.78 views

CVE-2023-38728

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.

7.5CVSS6AI score0.00037EPSS
CVE
CVE
added 2023/10/17 12:15 a.m.76 views

CVE-2023-40373

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574.

7.5CVSS6AI score0.00035EPSS
CVE
CVE
added 2024/01/22 9:15 p.m.75 views

CVE-2023-47141

IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264.

6.5CVSS6.2AI score0.00036EPSS
CVE
CVE
added 2019/07/01 3:15 p.m.73 views

CVE-2019-4386

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an authenticated user to execute a function that would cause the server to crash. IBM X-Force ID: 162714.

6.5CVSS6.6AI score0.00326EPSS
CVE
CVE
added 2023/10/17 12:15 a.m.73 views

CVE-2023-40372

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499.

7.5CVSS6.2AI score0.00035EPSS
CVE
CVE
added 2023/04/27 1:15 p.m.72 views

CVE-2023-29255

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.

7.5CVSS7.2AI score0.0008EPSS
CVE
CVE
added 2024/01/22 8:15 p.m.72 views

CVE-2023-47152

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.

7.5CVSS6.3AI score0.0008EPSS
CVE
CVE
added 2009/08/19 5:30 p.m.71 views

CVE-2009-2858

Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure.

5CVSS8.8AI score0.00371EPSS
CVE
CVE
added 2023/10/16 10:15 p.m.71 views

CVE-2023-38740

IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement. IBM X-Force ID: 262613.

7.5CVSS6.3AI score0.00036EPSS
CVE
CVE
added 2024/01/22 7:15 p.m.71 views

CVE-2023-45193

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759.

7.5CVSS7.2AI score0.00039EPSS
CVE
CVE
added 2023/04/28 6:15 p.m.69 views

CVE-2023-27555

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.

7.5CVSS6AI score0.00037EPSS
CVE
CVE
added 2007/05/10 12:19 a.m.68 views

CVE-2007-2582

Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that ...

10CVSS9.5AI score0.07326EPSS
CVE
CVE
added 2023/12/04 2:15 a.m.67 views

CVE-2023-38727

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.

7.5CVSS6.2AI score0.00053EPSS
CVE
CVE
added 2025/05/05 9:15 p.m.66 views

CVE-2025-1493

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service due to concurrent execution of shared resources.

5.3CVSS5.3AI score0.00072EPSS
CVE
CVE
added 2023/04/28 7:15 p.m.65 views

CVE-2023-26022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868.

7.5CVSS6.3AI score0.00108EPSS
CVE
CVE
added 2024/01/22 8:15 p.m.65 views

CVE-2023-27859

IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 24...

6.5CVSS6.7AI score0.00106EPSS
CVE
CVE
added 2024/12/07 2:15 p.m.64 views

CVE-2024-41762

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.

6.5CVSS5.3AI score0.00059EPSS
CVE
CVE
added 2023/12/04 2:15 a.m.62 views

CVE-2023-40687

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.

7.5CVSS6.1AI score0.00051EPSS
CVE
CVE
added 2024/08/14 6:15 p.m.62 views

CVE-2024-35136

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. IBM X-Force ID: 291307.

6.5CVSS5.8AI score0.00209EPSS
CVE
CVE
added 2025/05/29 8:15 p.m.62 views

CVE-2024-49350

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.

7.5CVSS6.4AI score0.00062EPSS
CVE
CVE
added 2011/02/01 6:0 p.m.61 views

CVE-2011-0731

Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors.

7.5CVSS9.6AI score0.09975EPSS
CVE
CVE
added 2021/03/11 4:15 p.m.61 views

CVE-2020-5025

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 193661.

8.4CVSS7.9AI score0.00306EPSS
CVE
CVE
added 2008/02/13 12:0 a.m.59 views

CVE-2007-3676

IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory...

10CVSS9.7AI score0.04548EPSS
CVE
CVE
added 2025/05/05 9:15 p.m.58 views

CVE-2025-0915

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 under specific configurations could allow an authenticated user to cause a denial of service due to insufficient release of allocated memory resources.

6.5CVSS6.7AI score0.00062EPSS
CVE
CVE
added 2012/09/25 8:55 p.m.57 views

CVE-2012-3324

Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.

9CVSS8.5AI score0.00914EPSS
CVE
CVE
added 2024/08/14 6:15 p.m.56 views

CVE-2024-37529

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 294295.

6.5CVSS6.3AI score0.00132EPSS
CVE
CVE
added 2024/08/14 6:15 p.m.55 views

CVE-2024-31882

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614.

6.5CVSS6.1AI score0.0024EPSS
CVE
CVE
added 2023/12/04 1:15 a.m.54 views

CVE-2023-47701

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166.

7.5CVSS6.6AI score0.00052EPSS
CVE
CVE
added 2025/05/05 9:15 p.m.54 views

CVE-2025-1000

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting.

6.5CVSS6.8AI score0.00062EPSS
CVE
CVE
added 2025/05/29 8:15 p.m.54 views

CVE-2025-3050

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when using Q replication due to the improper allocation of CPU resources.

6.5CVSS5.3AI score0.00062EPSS
CVE
CVE
added 2009/08/19 5:30 p.m.53 views

CVE-2009-2860

Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

5CVSS8.8AI score0.0107EPSS
CVE
CVE
added 2011/02/02 11:0 p.m.53 views

CVE-2011-0757

IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.

6.5CVSS8.9AI score0.01049EPSS
CVE
CVE
added 2011/05/03 8:55 p.m.53 views

CVE-2011-1847

IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third p...

4.9CVSS8.8AI score0.01241EPSS
CVE
CVE
added 2025/05/29 8:15 p.m.53 views

CVE-2025-2518

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.

7.5CVSS5.3AI score0.00062EPSS
CVE
CVE
added 2021/03/11 4:15 p.m.52 views

CVE-2020-5024

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660.

7.5CVSS7.1AI score0.01607EPSS
Total number of security vulnerabilities70