Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 10.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4033
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 Connect 10.1
Ibm Db2 Connect 9.5
Ibm Db2 9.8
Ibm Db2 9.7
Ibm Db2 Connect 10.5
Ibm Db2 Connect 9.7
Ibm Db2 Connect 9.8
7.8
CVSSv3
CVE-2018-1710
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364.
Ibm Db2 11.1
Ibm Db2 10.1
Ibm Db2 10.5
3.1
CVSSv3
CVE-2017-1150
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. IBM Reference #: 1999515.
Ibm Db2 11.1
Ibm Db2 10.1
Ibm Db2 10.5
NA
CVE-2013-5466
The XSLT library in IBM DB2 and DB2 Connect 9.5 up to and including 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.
Ibm Db2 Connect 10.1
Ibm Db2 Connect 10.5
Ibm Db2 9.5
Ibm Db2 Connect 9.7
Ibm Db2 Connect 9.8
Ibm Db2 Connect 9.5
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 Purescale Feature 9.8 -
Ibm Db2 9.8
Ibm Db2 9.7
7.1
CVSSv3
CVE-2018-1448
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140043.
Ibm Db2 11.1
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 9.7
NA
CVE-2014-8910
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT function in a SELECT statement.
Ibm Db2 9.7
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 10.5
7.8
CVSSv3
CVE-2018-1711
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 146369.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
NA
CVE-2014-6159
IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 9.7
Ibm Db2 10.5
NA
CVE-2014-6209
IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 9.5
7.8
CVSSv3
CVE-2017-1677
IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999.
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 11.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »