CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-26022 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-26022
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247868 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-26021 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-26021
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247864 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-27555 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-27555
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249187 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2023-25930 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-25930
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247862 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 16EXPL: 0CVE-2023-21712 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21712
27 Apr 2023 — Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21712 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-29255 – IBM DB2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-29255
27 Apr 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251991 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-45456
https://notcve.org/view.php?id=CVE-2022-45456
26 Apr 2023 — Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161. • https://security-advisory.acronis.com/advisories/SEC-4149 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-27559 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-27559
26 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249196 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 23EXPL: 0CVE-2023-29257 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-29257
26 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252011 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2282
https://notcve.org/view.php?id=CVE-2023-2282
25 Apr 2023 — Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and earlier on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector. • https://devolutions.net/security/advisories/DEVO-2023-0012 •