CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47741 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2023-47741
18 Dec 2023 — IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. A malicious actor with access to the victim's PC could exploit this vulnerability to gain access to the IBM i operating system. IBM X-Force ID: 272532. Los clientes de navegador web IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror para i 7.4 y 7.5 pueden dejar contraseñas de texto plano en la memoria del navega... • https://www.ibm.com/support/pages/node/7097785 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-29258 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-29258
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.1 y 11.5 es vulnerable a una denegación de servicio a través de una consulta federada especialmente manipulada en objetos de federación específicos. ID de IBM X-Force: 252048. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252048 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40687 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-40687
04 Dec 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con un comando RUNSTATS especialmente manipulado en una tabla de 8 TB. ID de IBM X-Force: 264809. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264809 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38727 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-38727
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una declaración SQL especialmente manipulada. ID de IBM X-Force: 262257. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262257 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-47701 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47701
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una consulta especialmente manipulada. ID de IBM X-Force: 266166. • https://exchange.xforce.ibmcloud.com/vulnerabilities/266166 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38003 – IBM Db2 command execution
https://notcve.org/view.php?id=CVE-2023-38003
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. IBM X-Force ID: 260214. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 podría permitir a un usuario con privilegios DATAACCESS ejecutar rutinas a las que no debería tener acceso. ID de IBM X-Force: 260214. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260214 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-46167 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-46167
04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367. El servidor federado IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio cuando se utiliza un cursor especialmente manipulado. ID de IBM X-Force: 269367. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269367 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-40692 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-40692
03 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1, 11.5 es vulnerable a la denegación de servicio en condiciones de estrés extremo. ID de IBM X-Force: 264807. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264807 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45178 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-45178
03 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 CLI is vulnerable to a denial of service when a specially crafted request is used. IBM X-Force ID: 268073. La Interfaz de Línea de Comandos (CLI) de IBM Db2 para Linux, UNIX y Windows (incluye DB2 Connect Server) 11.5 es vulnerable a una denegación de servicio cuando se utiliza una solicitud especialmente manipulada. ID de IBM X-Force: 268073. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268073 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-40373 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-40373
16 Oct 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) es vulnerable a la Denegación de Servicio con una consulta especialmente manipulada que contiene expresiones de tabla comunes. ID de IBM X-Force: 263574. • https://exchange.xforce.ibmcloud.com/vulnerabilities/263574 • CWE-20: Improper Input Validation •