CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2023-30987 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30987
16 Oct 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la Denegación de Servicio con una consulta especialmente manipulada en determinadas bases de datos. ID de IBM X-Force: 253440. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253440 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-26022 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-26022
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247868 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-26021 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-26021
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247864 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-27555 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-27555
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249187 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2023-25930 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-25930
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247862 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-29255 – IBM DB2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-29255
27 Apr 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251991 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-27559 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-27559
26 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249196 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 1%CPEs: 23EXPL: 0CVE-2023-29257 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-29257
26 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252011 •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2021-29702
https://notcve.org/view.php?id=CVE-2021-29702
16 Jun 2021 — Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658. Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) versiones 11.1.4 y 11.5.5, es vulnerable a una denegación de servicio, ya que el servidor termina de forma anormal cuando se ejecuta una sentencia SELECT especialmente diseñada. IBM X-Force ID: 200658 • https://exchange.xforce.ibmcloud.com/vulnerabilities/200658 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.4EPSS: 0%CPEs: 36EXPL: 0CVE-2020-5025
https://notcve.org/view.php?id=CVE-2020-5025
11 Mar 2021 — IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 193661. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5, db2fm es vulnerable a un desbordamiento del búfer, causado por una comprobación inapropiada de límites que podrí... • https://exchange.xforce.ibmcloud.com/vulnerabilities/193661 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •