CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-27868 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-27868
08 Jul 2023 — IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request using the named pluginClassName class, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249516. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249516 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-27867 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-27867
08 Jul 2023 — IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249514. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249514 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-27869 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-27869
08 Jul 2023 — IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249517. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249517 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-30449 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30449
08 Jul 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253439 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-30445 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30445
08 Jul 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253357 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-30448 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30448
08 Jul 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253437 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-30446 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30446
08 Jul 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361 . • https://exchange.xforce.ibmcloud.com/vulnerabilities/253361 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-30447 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30447
08 Jul 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253436 • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25523
https://notcve.org/view.php?id=CVE-2023-25523
03 Jul 2023 — NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. NVIDIA CUDA toolkit para Linux y Windows contiene una vulnerabilidad en el archivo binario "nvdisasm", donde un atacante puede provocar una desviación del puntero NULL proporcionando al usuario un archivo ELF manipulado. Una explo... • https://nvidia.custhelp.com/app/answers/detail/a_id/5469 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32557
https://notcve.org/view.php?id=CVE-2023-32557
26 Jun 2023 — A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges. • https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •