CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35152 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-35152
14 Aug 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35136 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-35136
14 Aug 2024 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 291307. IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. IBM X-Force ID: 291307. • https://exchange.xforce.ibmcloud.com/vulnerabilities/291307 • CWE-943: Improper Neutralization of Special Elements in Data Query Logic •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31870 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2024-31870
15 Jun 2024 — IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174. IBM Db2 para i 7.2, 7.3, 7.4 y 7.5 proporciona una función de tabla definida por el usuario que es vulnerable a la enumeración de usuarios por parte de un atacante local auten... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287174 • CWE-204: Observable Response Discrepancy •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29267 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-29267
12 Jun 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287612. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a una denegación de servicio, en configuraciones específicas, ya que el servidor puede fallar cuando se utiliza una declaración SQL especialme... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287612 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31881 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-31881
12 Jun 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a una denegación de servicio ya que el servidor puede fallar cuando un usuario autenticado utiliza una consulta especialmente manipulada en ciertas tablas... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287613 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28762 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-28762
12 Jun 2024 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246. IBM Db2 para Linux, UNIX y Windows (incluye DB2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una consulta especialmente manipulada bajo ciertas condiciones. ID de IBM X-Force: 285246. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285246 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42005 – IBM Db2 on Cloud Pak for Data privilege escalation
https://notcve.org/view.php?id=CVE-2023-42005
29 May 2024 — IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264. IBM Db2 on Cloud Pak for Data y Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7 y 4.8 podrían permitir a un usuario con acceso al pod de Kubernetes realizar llamadas al sistema que comprometan la seguridad de los contenedores. ID de IBM X-Force: 265264. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265264 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22360 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2024-22360
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio con una consulta especialmente manipulada en determinadas tablas de columnas. ID de IBM X-Force: 280905. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/280905 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52296 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-52296
03 Apr 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a la denegación de servicio cuando se consulta una función integrada UDF específica de forma simultánea. ID de IBM X-Force: 278547. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/278547 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38729 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2023-38729
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. IBM X-Force ID: 262259. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la divulgación de información confidencial cuando se utiliza ADMIN_CMD con IMPORT o EXPORT. ID de IBM X-Force: 262259. IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is v... • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •