Ibm

Db2

319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2023-29257

  • EPSS 0.17%
  • Veröffentlicht 26.04.2023 13:15:08
  • Zuletzt bearbeitet 21.11.2024 07:56:45

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same insta...

7.5

CVE-2022-43930

  • EPSS 0.1%
  • Veröffentlicht 17.02.2023 18:15:11
  • Zuletzt bearbeitet 21.11.2024 07:27:22

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.

7.5

CVE-2022-43927

  • EPSS 0.15%
  • Veröffentlicht 17.02.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 07:27:22

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.

7.5

CVE-2022-43929

  • EPSS 0.1%
  • Veröffentlicht 17.02.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 07:27:22

IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.

8.8

CVE-2022-41296

  • EPSS 0.17%
  • Veröffentlicht 12.12.2022 09:15:12
  • Zuletzt bearbeitet 21.11.2024 07:22:59

IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.

6.5

CVE-2022-22483

  • EPSS 0.3%
  • Veröffentlicht 13.09.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:46:52

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID...

6.5

CVE-2022-35637

  • EPSS 0.67%
  • Veröffentlicht 13.09.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:11:24

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.

6.5

CVE-2022-22389

  • EPSS 0.12%
  • Veröffentlicht 24.06.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:44

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.

7.5

CVE-2022-22390

  • EPSS 0.09%
  • Veröffentlicht 24.06.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:44

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.

7.5

CVE-2021-20373

  • EPSS 0.3%
  • Veröffentlicht 09.12.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:29

IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521.