Ibm

Db2

292 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-27859

  • EPSS 0.11%
  • Veröffentlicht 22.01.2024 20:15:46
  • Zuletzt bearbeitet 20.06.2025 19:15:21

IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like name...

7.5

CVE-2023-47152

  • EPSS 0.08%
  • Veröffentlicht 22.01.2024 20:15:46
  • Zuletzt bearbeitet 21.11.2024 08:29:52

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.

6.5

CVE-2023-50308

  • EPSS 0.04%
  • Veröffentlicht 22.01.2024 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:36:50

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: 273393.

7.5

CVE-2023-45193

  • EPSS 0.04%
  • Veröffentlicht 22.01.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:26:31

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759.

6.5

CVE-2023-47746

  • EPSS 0.04%
  • Veröffentlicht 22.01.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:30:45

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644.

7.8

CVE-2023-47145

  • EPSS 0.02%
  • Veröffentlicht 07.01.2024 19:15:08
  • Zuletzt bearbeitet 11.06.2025 17:15:34

IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402.

7.5

CVE-2023-40687

  • EPSS 0.05%
  • Veröffentlicht 04.12.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:19:58

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.

7.5

CVE-2023-29258

  • EPSS 0.05%
  • Veröffentlicht 04.12.2023 02:15:06
  • Zuletzt bearbeitet 21.11.2024 07:56:45

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048.

7.5

CVE-2023-38727

  • EPSS 0.05%
  • Veröffentlicht 04.12.2023 02:15:06
  • Zuletzt bearbeitet 21.11.2024 08:14:07

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.

7.5

CVE-2023-46167

  • EPSS 0.06%
  • Veröffentlicht 04.12.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 08:28:00

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367.