Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
db2 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2017-1677
IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999.
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 11.1
7.2
CVSSv2
CVE-2019-4322
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local malicious user to execute arbitrary code on the system as root. IBM X-Force ID: 161202.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
5
CVSSv2
CVE-2020-4135
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
Netapp Oncommand Insight -
5
CVSSv2
CVE-2021-39002
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2021-38926
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 210321.
Ibm Db2 11.1
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 11.5
Ibm Db2 10.1
Netapp Oncommand Insight -
5.5
CVSSv2
CVE-2021-29678
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. IBM X-Force ID: 199914.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
Netapp Oncommand Insight -
7.5
CVSSv2
CVE-2005-3643
IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote malicious users to bypass authentication and log on to the guest account without supplying a password.
Ibm Db2 Universal Database 7.2
Ibm Db2 Universal Database 8.1.4
Ibm Db2 Universal Database 8.1.8a
Ibm Db2 Universal Database 8.1.9a
Ibm Db2 Universal Database 8.1.5
Ibm Db2 Universal Database 8.1.6
Ibm Db2 Universal Database 8.1.6c
Ibm Db2 Universal Database 8.1.7
Ibm Db2 Universal Database 8.1.7b
Ibm Db2 Universal Database 8.1
Ibm Db2 Universal Database 7.1
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 8.1.8
Ibm Db2 Universal Database 8.1.9
5
CVSSv2
CVE-2006-3066
Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) prior to 8.1 FixPak 12 allows remote malicious users to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.
Ibm Db2 Universal Database 8.1.6
Ibm Db2 Universal Database 8.1.6c
Ibm Db2 Universal Database 8.1
Ibm Db2 Universal Database
Ibm Db2 Universal Database 8.1.4
Ibm Db2 Universal Database 8.1.5
Ibm Db2 Universal Database 8.1.9
Ibm Db2 Universal Database 8.1.9a
Ibm Db2 Universal Database 8.1.7
Ibm Db2 Universal Database 8.1.7b
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 8.1.8
Ibm Db2 Universal Database 8.1.8a
5
CVSSv2
CVE-2006-6638
IBM DB2 8.1 before FixPak 14 allows remote malicious users to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.
Ibm Db2 Universal Database 8.10
Ibm Db2 Universal Database 8.12
Ibm Db2 Universal Database 8.1.6
Ibm Db2 Universal Database 8.1.6c
Ibm Db2 Universal Database 8.1.7
Ibm Db2 Universal Database 8.1.7b
Ibm Db2 Universal Database 8.1.8
Ibm Db2 Universal Database 8.1.5
Ibm Db2 Universal Database 8.1.9
Ibm Db2 Universal Database 8.1
Ibm Db2 Universal Database 8.1.4
Ibm Db2 Universal Database 8.1.8a
Ibm Db2 Universal Database 8.1.9a
6.8
CVSSv2
CVE-2005-4736
IBM DB2 Universal Database (UDB) 820 prior to 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.
Ibm Db2 Universal Database 8.1.4
Ibm Db2 Universal Database 8.1.5
Ibm Db2 Universal Database 8.1.6
Ibm Db2 Universal Database 8.1.6c
Ibm Db2 Universal Database 8.1.9
Ibm Db2 Universal Database 8.1.9a
Ibm Db2 Universal Database 8.1
Ibm Db2 Universal Database 8.1.7b
Ibm Db2 Universal Database 8.1.8a
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 8.1.7
Ibm Db2 Universal Database 8.1.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »