Lucene search

K

85 matches found

CVE
CVE
added 2018/07/10 4:29 p.m.45 views

CVE-2018-1487

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972.

8.4CVSS7.4AI score0.00077EPSS
CVE
CVE
added 2018/09/21 1:29 p.m.45 views

CVE-2018-1685

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability in db2cacpy that could allow a local user to read any file on the system. IBM X-Force ID: 145502.

5.5CVSS5.8AI score0.00073EPSS
CVE
CVE
added 2018/11/09 1:29 a.m.45 views

CVE-2018-1802

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 149640.

8.4CVSS7.4AI score0.00114EPSS
CVE
CVE
added 2019/04/03 2:29 p.m.45 views

CVE-2018-1936

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316.

8.4CVSS7.7AI score0.00058EPSS
CVE
CVE
added 2014/11/08 11:55 a.m.44 views

CVE-2014-6159

IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.

3.5CVSS6.2AI score0.01463EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.44 views

CVE-2018-1452

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140047.

5.5CVSS5.5AI score0.00066EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.44 views

CVE-2018-1565

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 143022.

8.4CVSS7.7AI score0.00061EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.44 views

CVE-2018-1566

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. IBM X-Force ID: 143023.

8.4CVSS7.7AI score0.00083EPSS
CVE
CVE
added 2019/03/11 10:29 p.m.44 views

CVE-2019-4015

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893.

8.4CVSS7.7AI score0.00098EPSS
CVE
CVE
added 2021/03/11 4:15 p.m.44 views

CVE-2020-4976

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions. IBM X-Force ID: 192469.

5.1CVSS5.4AI score0.00086EPSS
CVE
CVE
added 2019/03/11 10:29 p.m.43 views

CVE-2018-1978

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069.

8.4CVSS7.7AI score0.00077EPSS
CVE
CVE
added 2019/03/11 10:29 p.m.43 views

CVE-2018-1980

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154078.

8.4CVSS7.7AI score0.00077EPSS
CVE
CVE
added 2014/09/04 10:55 a.m.42 views

CVE-2014-3094

Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to execute arbitrary code via a crafted ALTER MODULE statement.

8.5CVSS7.7AI score0.17886EPSS
CVE
CVE
added 2017/09/12 9:29 p.m.42 views

CVE-2017-1438

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.

7.2CVSS6.6AI score0.00072EPSS
CVE
CVE
added 2017/09/12 9:29 p.m.42 views

CVE-2017-1439

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.

7.2CVSS6.6AI score0.00072EPSS
CVE
CVE
added 2019/03/11 10:29 p.m.42 views

CVE-2019-4016

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894.

8.4CVSS7.7AI score0.00098EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.42 views

CVE-2019-4094

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to root by loading a malicious shared library. IBM X-Force ID: 158014.

8.4CVSS7.3AI score0.00044EPSS
CVE
CVE
added 2014/12/18 4:59 p.m.41 views

CVE-2014-8901

IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.

4CVSS6.2AI score0.01579EPSS
CVE
CVE
added 2018/01/16 7:29 p.m.41 views

CVE-2016-0215

IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database.

6.5CVSS5.9AI score0.00538EPSS
CVE
CVE
added 2017/09/12 9:29 p.m.41 views

CVE-2017-1520

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

4.3CVSS5.6AI score0.00199EPSS
CVE
CVE
added 2018/11/09 1:29 a.m.41 views

CVE-2018-1834

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to escalate their privileges to root through a symbolic link attack. IBM X-Force ID: 150511.

7.8CVSS7.4AI score0.00041EPSS
CVE
CVE
added 2018/11/30 3:29 p.m.41 views

CVE-2018-1897

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462.

8.4CVSS7.7AI score0.00117EPSS
CVE
CVE
added 2019/03/11 10:29 p.m.41 views

CVE-2018-1923

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859.

8.4CVSS7.8AI score0.0014EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.40 views

CVE-2018-1451

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140046.

5.5CVSS5.8AI score0.00066EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.40 views

CVE-2018-1458

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks. IBM X-Force ID: 140209.

7.8CVSS7.7AI score0.00284EPSS
CVE
CVE
added 2021/05/26 5:15 p.m.40 views

CVE-2019-4588

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.

7.8CVSS7.8AI score0.00116EPSS
CVE
CVE
added 2013/10/02 10:35 a.m.39 views

CVE-2013-4032

The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server Edition and Advanced Enterprise Server Edition 10.1 before FP3 and 10.5, when a multi-node configuration is used, allows remote attackers to cause a denial of service via vectors involving arbitrary data.

5CVSS6.7AI score0.00653EPSS
CVE
CVE
added 2018/09/21 1:29 p.m.39 views

CVE-2018-1711

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 146369.

8.4CVSS7.5AI score0.00087EPSS
CVE
CVE
added 2018/11/09 1:29 a.m.39 views

CVE-2018-1781

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148804.

8.4CVSS7.2AI score0.00044EPSS
CVE
CVE
added 2018/11/09 1:29 a.m.38 views

CVE-2018-1799

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429.

6.2CVSS6AI score0.00075EPSS
CVE
CVE
added 2019/03/11 10:29 p.m.37 views

CVE-2018-1922

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152858.

8.4CVSS7.8AI score0.0014EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.36 views

CVE-2018-1450

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140045.

5.5CVSS5.8AI score0.00066EPSS
CVE
CVE
added 2018/09/21 1:29 p.m.35 views

CVE-2018-1710

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364.

8.4CVSS8AI score0.00122EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.34 views

CVE-2018-1459

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Force ID: 140210.

7.8CVSS7.8AI score0.00129EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.31 views

CVE-2018-1449

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140044.

5.5CVSS5.8AI score0.00066EPSS
Total number of security vulnerabilities85