CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2023-26022 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-26022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247868 https://security.netapp.com/advisory/ntap-20230511-0010 https://www.ibm.com/support/pages/node/6985669 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-26021 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-26021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247864 https://security.netapp.com/advisory/ntap-20230511-0010 https://www.ibm.com/support/pages/node/6985681 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2023-27555 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-27555
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249187 https://security.netapp.com/advisory/ntap-20230511-0010 https://www.ibm.com/support/pages/node/6985683 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2023-25930 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-25930
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247862 https://security.netapp.com/advisory/ntap-20230511-0010 https://www.ibm.com/support/pages/node/6985677 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27864 – IBM Maximo Asset Management HTML injection
https://notcve.org/view.php?id=CVE-2023-27864
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 249327. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249327 https://www.ibm.com/support/pages/node/6983460 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •