Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 9.0 vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2007-1228
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
Ibm Db2 8.2
Ibm Db2 9.0
6.9
CVSSv2
CVE-2007-5757
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same ...
Ibm Db2 Universal Database
Ibm Db2 Universal Database 9.0
5
CVSSv2
CVE-2007-4423
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows malicious users to cause a denial of service and possibly execute arbitrary code via a long argument.
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 9.0
Ibm Db2 Universal Database 9.1
7.2
CVSSv2
CVE-2003-1052
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.
Ibm Db2 9.0
Ibm Db2 Universal Database 6.0
Ibm Db2 Universal Database 7.0
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 8.1
Ibm Db2 Universal Database 8.2
Ibm Db2 Universal Database 7.1
Ibm Db2 Universal Database 7.2
1 EDB exploit
7.2
CVSSv2
CVE-2003-1051
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Ibm Db2 9.0
3 EDB exploits
4.4
CVSSv2
CVE-2007-1027
Certain setuid DB2 binaries in IBM DB2 prior to 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
Ibm Db2 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started