Ibm

Db2

319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.4

CVE-2025-36384

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 30.01.2026 21:27:48
  • Zuletzt bearbeitet 04.02.2026 16:34:21

IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privileges due to the use of an unquoted search path element.

6.5

CVE-2025-36387

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 30.01.2026 21:27:45
  • Zuletzt bearbeitet 04.02.2026 16:34:21

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given specially crafted query.

6.5

CVE-2025-36407

  • EPSS 0.04%
  • Veröffentlicht 30.01.2026 21:27:41
  • Zuletzt bearbeitet 04.02.2026 16:34:21

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic.

6.5

CVE-2025-36423

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 30.01.2026 21:27:38
  • Zuletzt bearbeitet 04.02.2026 16:34:21

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic.

6.5

CVE-2025-36424

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 30.01.2026 21:27:34
  • Zuletzt bearbeitet 04.02.2026 18:16:07

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic.

6.5

CVE-2025-36427

  • EPSS 0.04%
  • Veröffentlicht 30.01.2026 21:27:31
  • Zuletzt bearbeitet 04.02.2026 18:16:07

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic.

5.3

CVE-2025-36428

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 30.01.2026 21:27:26
  • Zuletzt bearbeitet 04.02.2026 16:34:21

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCA...

6.5

CVE-2025-36442

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.01.2026 21:18:24
  • Zuletzt bearbeitet 04.02.2026 16:34:21

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns.

6.5

CVE-2025-36006

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 07.11.2025 19:16:23
  • Zuletzt bearbeitet 19.11.2025 16:31:34

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial due to the improper release of res...

6.5

CVE-2025-36008

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 07.11.2025 19:16:23
  • Zuletzt bearbeitet 19.11.2025 16:28:54

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper allocation of resources.