CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-36006 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2025-36006
07 Nov 2025 — IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial due to the improper release of resources after use. • https://www.ibm.com/support/pages/node/7250479 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-36008 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2025-36008
07 Nov 2025 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper allocation of resources. • https://www.ibm.com/support/pages/node/7250482 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-36131 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2025-36131
07 Nov 2025 — IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system. • https://www.ibm.com/support/pages/node/7250484 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-36136 – IBM denial of service
https://notcve.org/view.php?id=CVE-2025-36136
07 Nov 2025 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow a local user to cause a denial of service due to the database monitor script incorrectly detecting that the instance is still starting under specific conditions. • https://www.ibm.com/support/pages/node/7250485 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36185 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2025-36185
07 Nov 2025 — IBM Db2 12.1.0 through 12.1.2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic. • https://www.ibm.com/support/pages/node/7250487 • CWE-943: Improper Neutralization of Special Elements in Data Query Logic •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36186 – IBM Db2 privilege escalation
https://notcve.org/view.php?id=CVE-2025-36186
07 Nov 2025 — IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level. • https://www.ibm.com/support/pages/node/7250486 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-33012 – IBM Db2 improper account lockout
https://notcve.org/view.php?id=CVE-2025-33012
07 Nov 2025 — IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date. • https://www.ibm.com/support/pages/node/7250469 • CWE-324: Use of a Key Past its Expiration Date •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-2534 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2025-2534
07 Nov 2025 — IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. • https://www.ibm.com/support/pages/node/7250472 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47118 – IBM Db2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query
https://notcve.org/view.php?id=CVE-2024-47118
07 Nov 2025 — IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. • https://www.ibm.com/support/pages/node/7250473 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-12779
https://notcve.org/view.php?id=CVE-2025-12779
05 Nov 2025 — Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. ... To mitigate this issue, users should upgrade to the Amazon WorkSpaces client for Linux version 2025.0 or later. • https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-linux-client.html#linux-release-notes • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •