CVE-2023-23487 – IBM Db2 audit logging
https://notcve.org/view.php?id=CVE-2023-23487
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to insufficient audit logging. IBM X-Force ID: 245918. • https://exchange.xforce.ibmcloud.com/vulnerabilities/245918 https://security.netapp.com/advisory/ntap-20230731-0007 https://www.ibm.com/support/pages/node/7010567 •
CVE-2022-43929 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2022-43929
IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241676 https://www.ibm.com/support/pages/node/6953763 • CWE-20: Improper Input Validation •
CVE-2022-43927 – IBM Db2 for Linux, UNIX and Windows information disclosure
https://notcve.org/view.php?id=CVE-2022-43927
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241671 https://www.ibm.com/support/pages/node/6953759 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-269: Improper Privilege Management •
CVE-2022-35637
https://notcve.org/view.php?id=CVE-2022-35637
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, es vulnerable a una denegación de servicio tras introducir una sentencia SQL malformada en la herramienta Db2expln. IBM X-Force ID: 230823 • https://exchange.xforce.ibmcloud.com/vulnerabilities/230823 https://security.netapp.com/advisory/ntap-20230921-0003 https://www.ibm.com/support/pages/node/6618775 •
CVE-2022-22483
https://notcve.org/view.php?id=CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, es vulnerable a una divulgación de información en algunos escenarios debido a un acceso no autorizado causado por una administración de privilegios inapropiada cuando es usado el comando CREATE OR REPLACE. IBM X-Force ID: 225979 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225979 https://security.netapp.com/advisory/ntap-20230921-0004 https://www.ibm.com/support/pages/node/6618779 • CWE-269: Improper Privilege Management •