Ibm

Db2

323 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2

CVE-2025-36247

  • EPSS 0.2%
  • Veröffentlicht 17.02.2026 17:13:06
  • Zuletzt bearbeitet 18.02.2026 19:23:13

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerabil...

6.5

CVE-2025-36425

  • EPSS 0.03%
  • Veröffentlicht 17.02.2026 17:13:03
  • Zuletzt bearbeitet 18.02.2026 19:22:45

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration.

6.5

CVE-2025-13867

  • EPSS 0.04%
  • Veröffentlicht 17.02.2026 17:13:00
  • Zuletzt bearbeitet 18.02.2026 19:30:10

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic

6.5

CVE-2025-14689

  • EPSS 0.06%
  • Veröffentlicht 17.02.2026 17:12:56
  • Zuletzt bearbeitet 18.02.2026 19:23:44

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects.

6.5

CVE-2025-2668

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.01.2026 21:28:18
  • Zuletzt bearbeitet 05.02.2026 20:03:12

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query.

6.5

CVE-2025-36001

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.01.2026 21:28:15
  • Zuletzt bearbeitet 05.02.2026 20:03:19

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recu...

6.5

CVE-2025-36009

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.01.2026 21:28:12
  • Zuletzt bearbeitet 11.02.2026 20:57:37

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to excessive use of a global variable.

7.5

CVE-2025-36070

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.01.2026 21:28:09
  • Zuletzt bearbeitet 05.02.2026 20:03:25

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.

6.5

CVE-2025-36098

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.01.2026 21:28:06
  • Zuletzt bearbeitet 05.02.2026 20:03:31

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources.

5.5

CVE-2025-36123

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 30.01.2026 21:28:03
  • Zuletzt bearbeitet 05.02.2026 20:03:37

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources.