CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2023-38728 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-38728
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la Denegación de Servicio con una declaración de consulta XML especialmente manipulada. ID de IBM X-Force: 262258. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262258 https://security.netapp.com/advisory/ntap-20231116-0006 https://www.ibm.com/support/pages/node/7047478 https://www.ibm.com/support/pages/node/7047489 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-38740 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-38740
IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement. IBM X-Force ID: 262613. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) 11.5 es vulnerable a una Denegación de Servicio con una declaración SQL especialmente manipulada. ID de IBM X-Force: 262613. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262613 https://security.netapp.com/advisory/ntap-20231116-0007 https://www.ibm.com/support/pages/node/7047489 https://www.ibm.com/support/pages/node/7047554 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-38720 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-38720
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) 11.5 y 11.5 es vulnerable a la Denegación de Servicio con una declaración ALTER TABLE especialmente manipulada. ID de IBM X-Force: 261616. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261616 https://security.netapp.com/advisory/ntap-20231116-0005 https://www.ibm.com/support/pages/node/7047489 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2023-30987 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30987
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440. IBM Db2 para Linux, UNIX y Windows (incluyendo Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la Denegación de Servicio con una consulta especialmente manipulada en determinadas bases de datos. ID de IBM X-Force: 253440. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253440 https://security.netapp.com/advisory/ntap-20231116-0006 https://www.ibm.com/support/pages/node/7047560 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35012 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-35012
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257763 https://security.netapp.com/advisory/ntap-20230818-0013 https://www.ibm.com/support/pages/node/7010747 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •