Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
db2 universal database vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4273
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE env...
Ibm Db2 Universal Database
NA
CVE-2007-4417
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.
Ibm Db2 Universal Database
NA
CVE-2003-0837
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.
Ibm Db2 Universal Database 7.2
NA
CVE-2001-1143
IBM DB2 7.0 allows a remote malicious user to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.
Ibm Db2 Universal Database 7.0
NA
CVE-2006-3068
IBM DB2 Universal Database (UDB) prior to 8.2 FixPak 12 allows remote malicious users to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite."
Ibm Db2 Universal Database 8.1
NA
CVE-2008-3853
Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to C...
Ibm Db2 Universal Database 9.1
NA
CVE-2008-3858
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote malicious users to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.
Ibm Db2 Universal Database 9.1
NA
CVE-2008-3855
Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.
Ibm Db2 Universal Database 9.1
NA
CVE-2008-3857
The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.
Ibm Db2 Universal Database 9.1
NA
CVE-2001-0051
IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote malicious users to gain access to the database.
Ibm Db2 Universal Database 6.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »