Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 9.0 vulnerabilities and exploits
(subscribe to this query)
735
VMScore
CVE-2003-1051
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Ibm Db2 9.0
3 EDB exploits
725
VMScore
CVE-2003-1052
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.
Ibm Db2 9.0
Ibm Db2 Universal Database 6.0
Ibm Db2 Universal Database 7.0
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 8.1
Ibm Db2 Universal Database 8.2
Ibm Db2 Universal Database 7.1
Ibm Db2 Universal Database 7.2
1 EDB exploit
614
VMScore
CVE-2007-5757
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same ...
Ibm Db2 Universal Database
Ibm Db2 Universal Database 9.0
445
VMScore
CVE-2007-4423
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows malicious users to cause a denial of service and possibly execute arbitrary code via a long argument.
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 9.0
Ibm Db2 Universal Database 9.1
392
VMScore
CVE-2007-1228
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
Ibm Db2 8.2
Ibm Db2 9.0
392
VMScore
CVE-2007-1027
Certain setuid DB2 binaries in IBM DB2 prior to 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
Ibm Db2 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started