Ibm

Db2

301 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-27254

  • EPSS 0.05%
  • Veröffentlicht 03.04.2024 13:16:02
  • Zuletzt bearbeitet 31.01.2025 15:02:40

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813.

6.5

CVE-2024-22360

  • EPSS 0.07%
  • Veröffentlicht 03.04.2024 13:16:01
  • Zuletzt bearbeitet 31.01.2025 17:20:19

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905.

5.5

CVE-2024-25030

  • EPSS 0.02%
  • Veröffentlicht 03.04.2024 13:16:01
  • Zuletzt bearbeitet 31.01.2025 17:45:39

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677.

6.5

CVE-2024-25046

  • EPSS 0.07%
  • Veröffentlicht 03.04.2024 13:16:01
  • Zuletzt bearbeitet 31.01.2025 17:52:39

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: 282953.

6.5

CVE-2023-38729

  • EPSS 0.07%
  • Veröffentlicht 03.04.2024 13:16:00
  • Zuletzt bearbeitet 31.01.2025 15:42:01

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.

5.3

CVE-2023-52296

  • EPSS 0.05%
  • Veröffentlicht 03.04.2024 13:16:00
  • Zuletzt bearbeitet 31.01.2025 17:17:35

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.

6.5

CVE-2023-47141

  • EPSS 0.04%
  • Veröffentlicht 22.01.2024 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:29:51

IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264.

6.5

CVE-2023-47158

  • EPSS 0.04%
  • Veröffentlicht 22.01.2024 20:15:47
  • Zuletzt bearbeitet 21.11.2024 08:29:52

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750.

6.5

CVE-2023-47747

  • EPSS 0.04%
  • Veröffentlicht 22.01.2024 20:15:47
  • Zuletzt bearbeitet 21.11.2024 08:30:45

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.

6.5

CVE-2023-27859

  • EPSS 0.09%
  • Veröffentlicht 22.01.2024 20:15:46
  • Zuletzt bearbeitet 20.06.2025 19:15:21

IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like name...