Ibm ≫ Db2

327 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

6.5

CVE-2026-1577

EPSS 0.05%
Veröffentlicht 30.04.2026 21:49:24
Zuletzt bearbeitet 10.05.2026 14:16:46

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic.

6.5

CVE-2025-36122

EPSS 0.05%
Veröffentlicht 30.04.2026 21:48:49
Zuletzt bearbeitet 01.05.2026 17:52:18

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system...

5.3

CVE-2025-14688

EPSS 0.05%
Veröffentlicht 30.04.2026 21:48:11
Zuletzt bearbeitet 01.05.2026 17:52:29

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic w...

6.5

CVE-2026-1352

EPSS 0.05%
Veröffentlicht 22.04.2026 23:37:35
Zuletzt bearbeitet 27.04.2026 18:22:20

8.2

CVE-2025-36247

EPSS 0.24%
Veröffentlicht 17.02.2026 17:13:06
Zuletzt bearbeitet 18.02.2026 19:23:13

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerabil...

6.5

CVE-2025-36425

EPSS 0.04%
Veröffentlicht 17.02.2026 17:13:03
Zuletzt bearbeitet 18.02.2026 19:22:45

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration.

6.5

CVE-2025-13867

EPSS 0.05%
Veröffentlicht 17.02.2026 17:13:00
Zuletzt bearbeitet 18.02.2026 19:30:10

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic

6.5

CVE-2025-14689

EPSS 0.07%
Veröffentlicht 17.02.2026 17:12:56
Zuletzt bearbeitet 18.02.2026 19:23:44

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects.

6.5

CVE-2025-2668

Medienbericht

EPSS 0.02%
Veröffentlicht 30.01.2026 21:28:18
Zuletzt bearbeitet 05.02.2026 20:03:12

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query.

6.5

CVE-2025-36001