Db2@* Security Vulnerabilities and Issues — Db2@* CVE List

Lucene search

IbmDb2*

20 matches found

CVE•added 2023/04/26 8:15 p.m.•133 views

CVE-2023-27559

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.

7.5CVSS5.8AI score0.00096EPSS

CVE•added 2023/10/16 11:15 p.m.•93 views

CVE-2023-30991

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 254037.

7.5CVSS7.2AI score0.00077EPSS

CVE•added 2023/10/16 9:15 p.m.•87 views

CVE-2023-30987

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440.

7.5CVSS6AI score0.00096EPSS

CVE•added 2023/04/28 7:15 p.m.•84 views

CVE-2023-26021

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864.

7.5CVSS7.4AI score0.00079EPSS

CVE•added 2023/04/26 1:15 p.m.•84 views

CVE-2023-29257

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.

7.2CVSS7.2AI score0.00124EPSS

CVE•added 2023/04/28 6:15 p.m.•80 views

CVE-2023-25930

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.

5.9CVSS5.5AI score0.00095EPSS

CVE•added 2023/10/16 11:15 p.m.•79 views

CVE-2023-40374

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted query statement. IBM X-Force ID: 263575.

7.5CVSS6AI score0.00039EPSS

CVE•added 2023/10/16 9:15 p.m.•78 views

CVE-2023-38720

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616.

7.5CVSS6AI score0.00093EPSS

CVE•added 2023/10/16 10:15 p.m.•78 views

CVE-2023-38728

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.

7.5CVSS6AI score0.00068EPSS

CVE•added 2023/10/17 12:15 a.m.•76 views

CVE-2023-40373

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574.

7.5CVSS6AI score0.00039EPSS

CVE•added 2023/10/17 12:15 a.m.•73 views

CVE-2023-40372

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499.

7.5CVSS6.2AI score0.00035EPSS

CVE•added 2023/04/27 1:15 p.m.•72 views

CVE-2023-29255

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.

7.5CVSS7.2AI score0.0008EPSS

CVE•added 2023/10/16 10:15 p.m.•71 views

CVE-2023-38740

IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement. IBM X-Force ID: 262613.

7.5CVSS6.3AI score0.00039EPSS

CVE•added 2023/04/28 6:15 p.m.•69 views

CVE-2023-27555

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.

7.5CVSS6AI score0.00037EPSS

CVE•added 2023/12/04 2:15 a.m.•67 views

CVE-2023-38727

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.

7.5CVSS6.2AI score0.00053EPSS

CVE•added 2023/04/28 7:15 p.m.•65 views

CVE-2023-26022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868.

7.5CVSS6.3AI score0.00108EPSS

CVE•added 2023/12/04 2:15 a.m.•62 views

CVE-2023-40687

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.

7.5CVSS6.1AI score0.00051EPSS

CVE•added 2023/12/04 1:15 a.m.•54 views

CVE-2023-47701

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166.

7.5CVSS6.6AI score0.00052EPSS

CVE•added 2023/12/04 1:15 a.m.•52 views

CVE-2023-46167

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367.

7.5CVSS6.3AI score0.00057EPSS

CVE•added 2023/12/04 2:15 a.m.•45 views

CVE-2023-29258

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048.

7.5CVSS6AI score0.00051EPSS