Ibm

Db2

292 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-27555

  • EPSS 0.04%
  • Published 28.04.2023 18:15:26
  • Last modified 21.11.2024 07:53:08

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.

7.5

CVE-2023-29255

  • EPSS 0.08%
  • Published 27.04.2023 13:15:09
  • Last modified 21.11.2024 07:56:45

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.

7.5

CVE-2023-27559

  • EPSS 0.1%
  • Published 26.04.2023 20:15:09
  • Last modified 21.11.2024 07:53:08

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.

7.2

CVE-2023-29257

  • EPSS 0.12%
  • Published 26.04.2023 13:15:08
  • Last modified 21.11.2024 07:56:45

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same insta...

7.5

CVE-2022-43930

  • EPSS 0.04%
  • Published 17.02.2023 18:15:11
  • Last modified 21.11.2024 07:27:22

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.

7.5

CVE-2022-43927

  • EPSS 0.05%
  • Published 17.02.2023 17:15:11
  • Last modified 21.11.2024 07:27:22

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.

7.5

CVE-2022-43929

  • EPSS 0.04%
  • Published 17.02.2023 17:15:11
  • Last modified 21.11.2024 07:27:22

IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.

8.8

CVE-2022-41296

  • EPSS 0.09%
  • Published 12.12.2022 09:15:12
  • Last modified 21.11.2024 07:22:59

IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.

6.5

CVE-2022-22483

  • EPSS 0.1%
  • Published 13.09.2022 21:15:09
  • Last modified 21.11.2024 06:46:52

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID...

6.5

CVE-2022-35637

  • EPSS 0.13%
  • Published 13.09.2022 21:15:09
  • Last modified 21.11.2024 07:11:24

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.