Ibm

Db2

292 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2020-4885

  • EPSS 0.15%
  • Veröffentlicht 24.06.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:33:22

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force ID: 190909.

8.1

CVE-2020-4945

  • EPSS 0.16%
  • Veröffentlicht 24.06.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:33:27

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. IBM X-Force ID: 191945.

6.5

CVE-2021-20579

  • EPSS 0.36%
  • Veröffentlicht 24.06.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:48

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID...

7.5

CVE-2021-29703

  • EPSS 0.64%
  • Veröffentlicht 24.06.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:01:40

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659.

6.5

CVE-2021-29777

  • EPSS 0.41%
  • Veröffentlicht 24.06.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:01:47

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of sr...

7.5

CVE-2021-29702

  • EPSS 0.76%
  • Veröffentlicht 16.06.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:40

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658.

7.8

CVE-2019-4588

  • EPSS 0.12%
  • Veröffentlicht 26.05.2021 17:15:14
  • Zuletzt bearbeitet 21.11.2024 04:43:46

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.

4.4

CVE-2020-4976

  • EPSS 0.09%
  • Veröffentlicht 11.03.2021 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:33:29

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions. IBM X-Force ID: 192469.

7.5

CVE-2020-5024

  • EPSS 1.61%
  • Veröffentlicht 11.03.2021 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:33:34

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660.

7.8

CVE-2020-5025

  • EPSS 0.31%
  • Veröffentlicht 11.03.2021 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:33:34

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system ...