Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2018-1449
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140044.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
3.6
CVSSv2
CVE-2018-1450
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140045.
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 9.7
4.6
CVSSv2
CVE-2018-1487
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 1...
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
2.1
CVSSv2
CVE-2014-4805
IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring.
Ibm Db2 10.5
Ibm Db2 10.5.0.1
Ibm Db2 10.5.0.2
Ibm Db2 10.5.0.3
4.6
CVSSv2
CVE-2018-1897
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an malicious user to execute arbitrary code. IBM X-Force ID: 152462.
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 11.1
1 Article
4.6
CVSSv2
CVE-2018-1923
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859.
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 11.1
4.6
CVSSv2
CVE-2018-1565
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 143022.
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 10.1
Ibm Db2 9.7
3.6
CVSSv2
CVE-2018-1799
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
5
CVSSv2
CVE-2021-39002
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
Netapp Oncommand Insight -
5
CVSSv2
CVE-2020-4135
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »