CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-47746 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47746
22 Jan 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 272644. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272644 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47145 – IBM Db2 for Windows privilege escalation
https://notcve.org/view.php?id=CVE-2023-47145
07 Jan 2024 — IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402. IBM Db2 para Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 podría permitir a un usuario local escalar sus privilegios al usuario de SYSTEM mediante la funcionalidad de reparación de MSI ID de IBM X-Force: 270402. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270402 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-29258 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-29258
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.1 y 11.5 es vulnerable a una denegación de servicio a través de una consulta federada especialmente manipulada en objetos de federación específicos. ID de IBM X-Force: 252048. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252048 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40687 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-40687
04 Dec 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con un comando RUNSTATS especialmente manipulado en una tabla de 8 TB. ID de IBM X-Force: 264809. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264809 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38727 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-38727
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una declaración SQL especialmente manipulada. ID de IBM X-Force: 262257. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262257 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-47701 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47701
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una consulta especialmente manipulada. ID de IBM X-Force: 266166. • https://exchange.xforce.ibmcloud.com/vulnerabilities/266166 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38003 – IBM Db2 command execution
https://notcve.org/view.php?id=CVE-2023-38003
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. IBM X-Force ID: 260214. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 podría permitir a un usuario con privilegios DATAACCESS ejecutar rutinas a las que no debería tener acceso. ID de IBM X-Force: 260214. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260214 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-40692 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-40692
03 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1, 11.5 es vulnerable a la denegación de servicio en condiciones de estrés extremo. ID de IBM X-Force: 264807. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264807 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-40373 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-40373
16 Oct 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) es vulnerable a la Denegación de Servicio con una consulta especialmente manipulada que contiene expresiones de tabla comunes. ID de IBM X-Force: 263574. • https://exchange.xforce.ibmcloud.com/vulnerabilities/263574 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-30991 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30991
16 Oct 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 254037. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) 11.1 y 11.5 es vulnerable a la Denegación de Servicio con una consulta especialmente manipulada. ID de IBM X-Force: 254037. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254037 • CWE-20: Improper Input Validation •