CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31870 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2024-31870
15 Jun 2024 — IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174. IBM Db2 para i 7.2, 7.3, 7.4 y 7.5 proporciona una función de tabla definida por el usuario que es vulnerable a la enumeración de usuarios por parte de un atacante local auten... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287174 • CWE-204: Observable Response Discrepancy •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29267 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-29267
12 Jun 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287612. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a una denegación de servicio, en configuraciones específicas, ya que el servidor puede fallar cuando se utiliza una declaración SQL especialme... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287612 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31881 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-31881
12 Jun 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a una denegación de servicio ya que el servidor puede fallar cuando un usuario autenticado utiliza una consulta especialmente manipulada en ciertas tablas... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287613 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28762 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-28762
12 Jun 2024 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246. IBM Db2 para Linux, UNIX y Windows (incluye DB2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una consulta especialmente manipulada bajo ciertas condiciones. ID de IBM X-Force: 285246. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285246 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42005 – IBM Db2 on Cloud Pak for Data privilege escalation
https://notcve.org/view.php?id=CVE-2023-42005
29 May 2024 — IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264. IBM Db2 on Cloud Pak for Data y Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7 y 4.8 podrían permitir a un usuario con acceso al pod de Kubernetes realizar llamadas al sistema que comprometan la seguridad de los contenedores. ID de IBM X-Force: 265264. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265264 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22360 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2024-22360
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio con una consulta especialmente manipulada en determinadas tablas de columnas. ID de IBM X-Force: 280905. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/280905 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52296 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-52296
03 Apr 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a la denegación de servicio cuando se consulta una función integrada UDF específica de forma simultánea. ID de IBM X-Force: 278547. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/278547 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38729 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2023-38729
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. IBM X-Force ID: 262259. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la divulgación de información confidencial cuando se utiliza ADMIN_CMD con IMPORT o EXPORT. ID de IBM X-Force: 262259. IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is v... • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25030
https://notcve.org/view.php?id=CVE-2024-25030
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.1 almacena información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 281677. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/281677 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47141 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47141
22 Jan 2024 — IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264. IIBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 270264. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270264 • CWE-20: Improper Input Validation •