Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
db2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-20373
IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
312
VMScore
CVE-2021-20579
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID: 199283.
Ibm Db2 10.1
Ibm Db2 11.1
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 11.5
641
VMScore
CVE-2020-4363
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local malicious user to execute arbitrary code on the system with root privileges. IBM X-Fo...
Ibm Db2 9.7.0.0
Ibm Db2 10.1.0.0
Ibm Db2 10.5.0.0
Ibm Db2 11.1.0.0
Ibm Db2 11.5.0.0
641
VMScore
CVE-2013-3475
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors.
Ibm Db2 Connect 9.1
Ibm Db2 Connect 9.5
Ibm Db2 9.1
Ibm Db2 Connect 9.7
Ibm Db2 Connect 9.8
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 Connect 10.1
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Smart Analytics System 7600 -
NA
CVE-2022-41296
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.
Ibm Db2 3.5
Ibm Db2 4.5
Ibm Db2 4.0
Ibm Db2 Warehouse 3.5
Ibm Db2 Warehouse 4.5
Ibm Db2 Warehouse 4.0
890
VMScore
CVE-2008-4692
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
Ibm Db2
Ibm Db2 9.1
Ibm Db2 8.0
Ibm Db2 9.5
578
VMScore
CVE-2011-0757
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
Ibm Db2 9.7
134
VMScore
CVE-2011-1373
Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.
Ibm Db2 9.7.0.1
Ibm Db2
Ibm Db2 9.7.0.3
Ibm Db2 9.7.0.2
668
VMScore
CVE-2011-0731
Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote malicious users to execute arbitrary code via unspecified vectors.
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
Ibm Db2 9.7
409
VMScore
CVE-2018-1487
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 1...
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »