Db2@10.5 Security Vulnerabilities and Issues — Db2@10.5 CVE List

Lucene search

IbmDb210.5

13 matches found

CVE•added 2023/02/17 5:15 p.m.•133 views

CVE-2022-43927

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.

7.5CVSS6.3AI score0.00053EPSS

CVE•added 2023/04/26 8:15 p.m.•133 views

CVE-2023-27559

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.

7.5CVSS5.8AI score0.00096EPSS

CVE•added 2023/02/17 6:15 p.m.•111 views

CVE-2022-43930

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.

7.5CVSS6.3AI score0.00037EPSS

CVE•added 2023/10/16 9:15 p.m.•87 views

CVE-2023-30987

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440.

7.5CVSS6AI score0.00096EPSS

CVE•added 2023/04/26 1:15 p.m.•84 views

CVE-2023-29257

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.

7.2CVSS7.2AI score0.00124EPSS

CVE•added 2023/04/28 6:15 p.m.•80 views

CVE-2023-25930

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.

5.9CVSS5.5AI score0.00095EPSS

CVE•added 2023/10/16 10:15 p.m.•78 views

CVE-2023-38728

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.

7.5CVSS6AI score0.00068EPSS

CVE•added 2023/10/17 12:15 a.m.•76 views

CVE-2023-40373

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574.

7.5CVSS6AI score0.00039EPSS

CVE•added 2023/04/27 1:15 p.m.•72 views

CVE-2023-29255

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.

7.5CVSS7.2AI score0.0008EPSS

CVE•added 2023/04/28 6:15 p.m.•69 views

CVE-2023-27555

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.

7.5CVSS6AI score0.00037EPSS

CVE•added 2023/04/28 7:15 p.m.•65 views

CVE-2023-26022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868.

7.5CVSS6.3AI score0.00108EPSS

CVE•added 2023/12/04 1:15 a.m.•61 views

CVE-2023-38003

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. IBM X-Force ID: 260214.

7.2CVSS6.8AI score0.00042EPSS

CVE•added 2023/12/04 12:15 a.m.•39 views

CVE-2023-40692

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807.

7.5CVSS6AI score0.00033EPSS