Db2@11.5 Security Vulnerabilities and Issues — Db2@11.5 CVE List

Lucene search

IbmDb211.5

11 matches found

CVE•added 2024/12/19 2:15 a.m.•126 views

CVE-2023-30443

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query.

6.5CVSS5AI score0.00044EPSS

CVE•added 2024/01/07 7:15 p.m.•99 views

CVE-2023-47145

IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402.

8.4CVSS7.3AI score0.00015EPSS

CVE•added 2024/04/03 1:16 p.m.•84 views

CVE-2024-27254

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813.

6.5CVSS5.2AI score0.0005EPSS

CVE•added 2024/04/03 1:16 p.m.•70 views

CVE-2024-25046

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: 282953.

6.5CVSS5AI score0.00074EPSS

CVE•added 2024/04/03 1:16 p.m.•69 views

CVE-2023-38729

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.

6.8CVSS6.5AI score0.0006EPSS

CVE•added 2024/04/03 1:16 p.m.•68 views

CVE-2024-22360

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905.

6.5CVSS5.1AI score0.00074EPSS

CVE•added 2024/04/03 1:16 p.m.•62 views

CVE-2023-52296

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.

5.3CVSS5AI score0.00052EPSS

CVE•added 2024/06/12 7:15 p.m.•59 views

CVE-2023-29267

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287612.

6.5CVSS5.6AI score0.00091EPSS

CVE•added 2024/11/23 3:15 a.m.•58 views

CVE-2024-41761

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.

5.3CVSS5.2AI score0.00088EPSS

CVE•added 2024/06/12 7:15 p.m.•56 views

CVE-2024-31881

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613.

6.5CVSS6.2AI score0.00096EPSS

CVE•added 2024/06/12 6:15 p.m.•55 views

CVE-2024-28762

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246.

6.5CVSS5.3AI score0.00064EPSS