
CVE-2018-1802
https://notcve.org/view.php?id=CVE-2018-1802
09 Nov 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path, potentially giving a low-privilege user full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 149640. • http://www.ibm.com/support/docview.wss?uid=ibm10733122 • CWE-426: Untrusted Search Path

CVE-2018-1834
https://notcve.org/view.php?id=CVE-2018-1834
09 Nov 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to escalate their privileges to root through a symbolic link attack. IBM X-Force ID: 150511. • http://www.ibm.com/support/docview.wss?uid=ibm10733939 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE-2018-1857
https://notcve.org/view.php?id=CVE-2018-1857
09 Nov 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow a user to bypass FGAC control and gain access to data they shouldn't be able to see. IBM X-Force ID: 151155. • http://www.ibm.com/support/docview.wss?uid=ibm10734059 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2018-1780
https://notcve.org/view.php?id=CVE-2018-1780
09 Nov 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148803. • http://www.ibm.com/support/docview.wss?uid=ibm10733939 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE-2018-1781
https://notcve.org/view.php?id=CVE-2018-1781
09 Nov 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148804. • http://www.ibm.com/support/docview.wss?uid=ibm10733939 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE-2018-1710
https://notcve.org/view.php?id=CVE-2018-1710
21 Sep 2018 — The db2licm tool in IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 is affected by a buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364. • http://www.securityfocus.com/bid/105391 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-1711
https://notcve.org/view.php?id=CVE-2018-1711
21 Sep 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to gain privileges because it allows modification of columns of existing tasks. IBM X-Force ID: 146369. • http://www.securityfocus.com/bid/105390 • CWE-732: Incorrect Permission Assignment for Critical Resource

CVE-2018-1685
https://notcve.org/view.php?id=CVE-2018-1685
21 Sep 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability in db2cacpy that could allow a local user to read any file on the system. IBM X-Force ID: 145502. • http://www.securityfocus.com/bid/105395 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2018-1458
https://notcve.org/view.php?id=CVE-2018-1458
10 Jul 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks. IBM X-Force ID: 140209. • http://www.securitytracker.com/id/1041230 • CWE-426: Untrusted Search Path

CVE-2018-1487
https://notcve.org/view.php?id=CVE-2018-1487
10 Jul 2018 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path, potentially giving low-privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972. • http://www.ibm.com/support/docview.wss?uid=swg22016505 • CWE-426: Untrusted Search Path