CVE-2023-45193 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-45193
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759. El servidor federado IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio cuando se utiliza un cursor especialmente manipulado. ID de IBM X-Force: 268759. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268759 https://security.netapp.com/advisory/ntap-20240307-0001 https://www.ibm.com/support/pages/node/7105501 • CWE-20: Improper Input Validation •
CVE-2023-50308 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-50308
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: 273393. IBM Db2 para Linux, UNIX y Windows (incluye DB2 Connect Server) 11.5 bajo ciertas circunstancias podría permitir que un usuario autenticado en la base de datos provoque una denegación de servicio cuando se ejecuta una declaración en tablas de columnas. ID de IBM X-Force: 273393. • https://exchange.xforce.ibmcloud.com/vulnerabilities/273393 https://security.netapp.com/advisory/ntap-20240307-0001 https://www.ibm.com/support/pages/node/7105506 • CWE-20: Improper Input Validation •
CVE-2023-47746 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47746
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 272644. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272644 https://security.netapp.com/advisory/ntap-20240307-0003 https://www.ibm.com/support/pages/node/7105505 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-35020 – IBM Sterling Control Center directory traversal
https://notcve.org/view.php?id=CVE-2023-35020
IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874. IBM Sterling Control Center versión 6.3.0 podría permitir que un atacante remoto atraviese directorios del sistema. Un atacante podría enviar una solicitud URL especialmente manipulada que contenga secuencias de "puntos" (/../) para ver archivos arbitrarios en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257874 https://www.ibm.com/support/pages/node/7107788 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-45171 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2023-45171
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. IBM X-Force ID: 267969. IBM AIX 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en el kernel para provocar una denegación de servicio. ID de IBM X-Force: 267969. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267969 https://www.ibm.com/support/pages/node/7105282 • CWE-20: Improper Input Validation •