CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40679 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2024-40679
08 Jan 2025 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file under specific conditions. • https://www.ibm.com/support/pages/node/7175957 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35152 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-35152
14 Aug 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22360 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2024-22360
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio con una consulta especialmente manipulada en determinadas tablas de columnas. ID de IBM X-Force: 280905. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/280905 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52296 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-52296
03 Apr 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a la denegación de servicio cuando se consulta una función integrada UDF específica de forma simultánea. ID de IBM X-Force: 278547. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/278547 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47141 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47141
22 Jan 2024 — IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264. IIBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 270264. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270264 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-47158 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47158
22 Jan 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.1, 10.5 y 11.1 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 270750. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270750 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47152 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2023-47152
22 Jan 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. IBM X-Force ID: 270730. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a un algoritmo criptográfico inseguro y a la divulgación de información en el seguimiento de la pila en condiciones excepcionales. ID de IBM X-Force: 270730. IBM Db2 for Linux, UNIX and Windows (includes Db... • https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-27859 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-27859
22 Jan 2024 — IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 249205. IBM Db2 10.1, 10.5 y 11.1 podría permitir que un usuario remoto ejecute código arbitrario causado por la instalación de archivos jar con nombres similares en múltiples bases de datos. Un usuario podría aprov... • https://exchange.xforce.ibmcloud.com/vulnerabilities/249205 •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-47747 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47747
22 Jan 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.1, 10.5 y 11.1 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 272646. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272646 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45193 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-45193
22 Jan 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759. El servidor federado IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio cuando se utiliza un cursor especialmente manipulado. ID de IBM X-Force: 268759. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268759 • CWE-20: Improper Input Validation •