CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-1978
https://notcve.org/view.php?id=CVE-2018-1978
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069. IBM DB2 para Linux, UNIX y Windows, en sus versiones 9.7, 10.1, 10.5 y 11.1 (incluido DB2 Connect Server), es vulnerable a un desbordamiento de búfer, lo que podría permitir que un atacante local autenticado ejecute código arbitrario en el sistema como root. IBM X-Force ID: 154069. • http://www.securityfocus.com/bid/107398 https://exchange.xforce.ibmcloud.com/vulnerabilities/154069 https://www.ibm.com/support/docview.wss?uid=ibm10740413 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2019-4015
https://notcve.org/view.php?id=CVE-2019-4015
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893. IBM DB2 para Linux, UNIX y Windows, en sus versiones 9.7, 10.1, 10.5 y 11.1 (incluido DB2 Connect Server), es vulnerable a un desbordamiento de búfer, lo que podría permitir que un atacante local autenticado ejecute código arbitrario en el sistema como root. IBM X-Force ID: 155893. • http://www.securityfocus.com/bid/107398 https://exchange.xforce.ibmcloud.com/vulnerabilities/155893 https://www.ibm.com/support/docview.wss?uid=ibm10740413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2019-4016
https://notcve.org/view.php?id=CVE-2019-4016
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894. IBM DB2 para Linux, UNIX y Windows, en sus versiones 9.7, 10.1, 10.5 y 11.1 (incluido DB2 Connect Server), es vulnerable a un desbordamiento de búfer, lo que podría permitir que un atacante local autenticado ejecute código arbitrario en el sistema como root. IBM X-Force ID: 155894. • http://www.securityfocus.com/bid/107398 https://exchange.xforce.ibmcloud.com/vulnerabilities/155894 https://www.ibm.com/support/docview.wss?uid=ibm10740413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-1897
https://notcve.org/view.php?id=CVE-2018-1897
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462. IBM DB2 para Linux, UNIX y Windows 9.7, 10.1, 10.5 y 11.1 db2pdcfg es vulnerable a un desbordamiento de búfer basado en pila provocado por una comprobación de límites incorrecta que podría permitir que un atacante ejecute código arbitrario. IBM X-Force ID: 152462. • http://www.ibm.com/support/docview.wss?uid=ibm10737295 http://www.securityfocus.com/bid/106060 http://www.securitytracker.com/id/1042165 https://exchange.xforce.ibmcloud.com/vulnerabilities/152462 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-1780
https://notcve.org/view.php?id=CVE-2018-1780
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148803. IBM DB2 para Linux, UNIX y Windows (incluido DB2 Connect Server) 9.7, 10.1, 10.5 y 11.1 podría permitir que un propietario local de instancias db2 obtenga acceso root explotando un ataque de enlace simbólico para leer/escribir/corromper un archivo al que no se tenía permiso de acceso originalmente. IBM X-Force ID: 148803. • http://www.ibm.com/support/docview.wss?uid=ibm10733939 http://www.securityfocus.com/bid/105885 http://www.securitytracker.com/id/1042086 https://exchange.xforce.ibmcloud.com/vulnerabilities/148803 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •