CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2020-4204
https://notcve.org/view.php?id=CVE-2020-4204
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5, son vulnerables a un desbordamiento del búfer, causado por una comprobación de límites inapropiada que podría permitir a un atacante local ejecutar código arbitrario en el sistema con privilegios root. ID de IBM X-Force: 174960. • https://exchange.xforce.ibmcloud.com/vulnerabilities/174960 https://www.ibm.com/support/pages/node/2875875 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-4200
https://notcve.org/view.php?id=CVE-2020-4200
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 10.5, 11.1 y 11.5, podría permitir a atacantes autenticados enviar comandos especialmente diseñados para causar una denegación de servicio. ID de IBM X-Force: 174914. • https://exchange.xforce.ibmcloud.com/vulnerabilities/174914 https://www.ibm.com/support/pages/node/2875251 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-4135
https://notcve.org/view.php?id=CVE-2020-4135
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5, podría permitir a un usuario no autenticado enviar paquetes especialmente diseñados para causar una denegación de servicio debido a un uso excesivo de memoria. • https://exchange.xforce.ibmcloud.com/vulnerabilities/173806 https://security.netapp.com/advisory/ntap-20210108-0001 https://www.ibm.com/support/pages/node/2876307 •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2019-4322
https://notcve.org/view.php?id=CVE-2019-4322
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 161202. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, y 11.1 es vulnerable a un desbordamiento de búfer, lo que podría permitir que un atacante local autenticado ejecute código arbitrario en el sistema como root. IBM X-Force ID: 161202. • http://www.securityfocus.com/bid/109002 https://exchange.xforce.ibmcloud.com/vulnerabilities/161202 https://www.ibm.com/support/docview.wss?uid=ibm10884444 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 39EXPL: 0CVE-2019-4154
https://notcve.org/view.php?id=CVE-2019-4154
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 158519. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, y 11.1 es vulnerable a un desbordamiento de búfer, lo que podría permitir que un atacante local autenticado ejecute código arbitrario en el sistema como root. IBM X-Force ID: 158519. • http://www.securityfocus.com/bid/109024 https://exchange.xforce.ibmcloud.com/vulnerabilities/158519 https://www.ibm.com/support/docview.wss?uid=ibm10880737 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •