CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2023-25930 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-25930
28 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247862 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-29255 – IBM DB2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-29255
27 Apr 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251991 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-27559 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-27559
26 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249196 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 23EXPL: 0CVE-2023-29257 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-29257
26 Apr 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252011 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43930 – IBM Db2 for Linux, UNIX and Windows information disclosure
https://notcve.org/view.php?id=CVE-2022-43930
17 Feb 2023 — IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241677 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-43927 – IBM Db2 for Linux, UNIX and Windows information disclosure
https://notcve.org/view.php?id=CVE-2022-43927
17 Feb 2023 — IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241671 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2022-41296 – IBM Db2U cross-site respect forgery
https://notcve.org/view.php?id=CVE-2022-41296
01 Dec 2022 — IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210. IBM Db2U 3.5, 4.0 y 4.5 es vulnerable a Cross-Site Request Forgery (CSRF), lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que confía el sitio web. ID de IBM X-Force: 237210. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237210 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-35637
https://notcve.org/view.php?id=CVE-2022-35637
13 Sep 2022 — IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, es vulnerable a una denegación de servicio tras introducir una sentencia SQL malformada en la herramienta Db2expln. IBM X-Force ID: 230823 • https://exchange.xforce.ibmcloud.com/vulnerabilities/230823 •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-22483
https://notcve.org/view.php?id=CVE-2022-22483
13 Sep 2022 — IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, es vulnerable a una divulgación de información en algunos escenarios debido a un acceso no autorizado causado por una administración de privilegios inapropiada cuando es usado e... • https://exchange.xforce.ibmcloud.com/vulnerabilities/225979 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-22390
https://notcve.org/view.php?id=CVE-2022-22390
24 Jun 2022 — IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, puede ser vulnerable a una divulgación de información causada por una administración inapropiada de privilegios cuando es usada la función de tabla. IBM X-Force ID: 221973 • https://exchange.xforce.ibmcloud.com/vulnerabilities/221973 • CWE-269: Improper Privilege Management •