Ibm

Db2

327 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2009-3472

  • EPSS 0.57%
  • Veröffentlicht 29.09.2009 21:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remote authenticated users to bypass intended access restrictions, and update, insert, or delete table rows, via unspecified vectors.

10

CVE-2009-3473

  • EPSS 0.57%
  • Veröffentlicht 29.09.2009 21:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.

5

CVE-2009-2858

  • EPSS 0.37%
  • Veröffentlicht 19.08.2009 17:30:01
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure.

4.6

CVE-2009-2859

  • EPSS 0.07%
  • Veröffentlicht 19.08.2009 17:30:01
  • Zuletzt bearbeitet 23.04.2026 00:35:47

IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access via a das command.

5

CVE-2009-2860

  • EPSS 1.07%
  • Veröffentlicht 19.08.2009 17:30:01
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

6

CVE-2008-2154

  • EPSS 0.95%
  • Veröffentlicht 03.06.2009 21:00:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an INSTALL_JAR (aka sqlj.install_jar) procedure, which allows remote authenticated users to create or overwrite arbitrary files via unspecified calls.

10

CVE-2008-6820

  • EPSS 0.75%
  • Veröffentlicht 03.06.2009 21:00:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 on Windows runs with "OS privilege," which has unknown impact and attack vectors, a different vulnerability than CVE-2008-3856.

10

CVE-2008-6821

  • EPSS 2.15%
  • Veröffentlicht 03.06.2009 21:00:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might allow attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, a different vulnerability than CV...

2.6

CVE-2009-1905

  • EPSS 0.5%
  • Veröffentlicht 03.06.2009 21:00:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish ...

4.3

CVE-2009-1906

Exploit
  • EPSS 1.04%
  • Veröffentlicht 03.06.2009 21:00:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to cause a denial of service (memory corruption and application crash) via an IPv6 address in the correlation token in the APPID string, as demonstrated ...