CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4737
https://notcve.org/view.php?id=CVE-2005-4737
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. • http://secunia.com/advisories/17031 •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 2CVE-2005-4736
https://notcve.org/view.php?id=CVE-2005-4736
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. • http://secunia.com/advisories/17031 •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4738
https://notcve.org/view.php?id=CVE-2005-4738
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. • http://secunia.com/advisories/17031 •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 3CVE-2005-4735
https://notcve.org/view.php?id=CVE-2005-4735
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. • http://secunia.com/advisories/17031 •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2005-3643
https://notcve.org/view.php?id=CVE-2005-3643
16 Nov 2005 — IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. • http://www.ngssoftware.com/papers/database-on-xp.pdf •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2005-0417
https://notcve.org/view.php?id=CVE-2005-0417
14 Feb 2005 — Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. Vulnerabilidad desconocida de "alto riesgo" en DB2 Universal Database 8.1 y anteriores con impacto y vectores de ataque desconocidos. • http://marc.info/?l=bugtraq&m=110801212422825&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 3CVE-2003-1052 – IBM DB2 - Shared Library Injection
https://notcve.org/view.php?id=CVE-2003-1052
20 Aug 2004 — IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. IBM DB2 7.1 y 8.1 permite al usuario bin ganar privilegios de root modificando las librerías compartidas usadas por programas con setuid de root. • https://www.exploit-db.com/exploits/22989 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2002-1583
https://notcve.org/view.php?id=CVE-2002-1583
20 Aug 2004 — Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. Desbordamiento de búfer en sqllib/security/db2ckpw de IBM DB2 Universal Database 6.0 y 7.0 permite a usuarios locales ejecutar código de su elección mediante un nombre de usuario largo que se lee de un argumento de descriptor de fichero. • http://www.iss.net/security_center/static/9078.php •