Ibm

Db2

301 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-36006

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 07.11.2025 19:16:23
  • Zuletzt bearbeitet 19.11.2025 16:31:34

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial due to the improper release of res...

6.5

CVE-2025-36008

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 07.11.2025 19:16:23
  • Zuletzt bearbeitet 19.11.2025 16:28:54

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper allocation of resources.

4.6

CVE-2025-36131

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 07.11.2025 18:53:45
  • Zuletzt bearbeitet 19.11.2025 16:28:26

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) clpplus command exposes user credentials to the terminal which could be obtained by a third party with physica...

5.5

CVE-2025-36136

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 07.11.2025 18:45:46
  • Zuletzt bearbeitet 19.11.2025 16:27:55

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow a local user to cause a denial of service due to the database monitor script incorrectly detecting that the instance is sti...

5.5

CVE-2025-36185

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 07.11.2025 18:40:59
  • Zuletzt bearbeitet 18.11.2025 19:03:37

IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic.

7.8

CVE-2025-36186

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 07.11.2025 18:40:32
  • Zuletzt bearbeitet 18.11.2025 19:08:25

IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges...

8.8

CVE-2025-33012

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 07.11.2025 18:38:29
  • Zuletzt bearbeitet 19.11.2025 16:37:54

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date.

7.5

CVE-2025-2534

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 07.11.2025 18:36:49
  • Zuletzt bearbeitet 19.11.2025 16:44:35

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted...

7.5

CVE-2024-47118

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 07.11.2025 18:23:07
  • Zuletzt bearbeitet 19.11.2025 16:49:17

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash under certain conditions ...

7.5

CVE-2024-49828

Medienbericht
  • EPSS 0.14%
  • Veröffentlicht 29.07.2025 19:04:20
  • Zuletzt bearbeitet 13.08.2025 19:20:09

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditi...