Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 universal database vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2008-3857
The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.
Ibm Db2 Universal Database 9.1
4.6
CVSSv2
CVE-2007-4273
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE env...
Ibm Db2 Universal Database
4.6
CVSSv2
CVE-2003-1049
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
Ibm Db2 Universal Database 7.0
Ibm Db2 Universal Database 8.0
4.6
CVSSv2
CVE-2003-0898
IBM DB2 7.2 before FixPak 10a, and previous versions versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
Ibm Db2 Universal Database
Ibm Db2 Universal Database 7.1
1 EDB exploit
4.3
CVSSv2
CVE-2008-3858
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote malicious users to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.
Ibm Db2 Universal Database 9.1
4
CVSSv2
CVE-2006-4257
IBM DB2 Universal Database (UDB) prior to 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a ...
Ibm Db2 8.1.4
Ibm Db2 8.1.6
Ibm Db2 8.1.7
Ibm Db2 8.1.7b
Ibm Db2 8.1.8a
Ibm Db2 8.1.9a
Ibm Db2 8.1
Ibm Db2 8.0
Ibm Db2 8.1.5
Ibm Db2 8.1.6c
Ibm Db2 8.1.8
Ibm Db2 8.1.9
Ibm Db2 8.12
Ibm Db2 8.2
Ibm Db2 8.10
4
CVSSv2
CVE-2005-4740
IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client."
2.1
CVSSv2
CVE-2007-4271
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue migh...
Ibm Db2 Universal Database
2.1
CVSSv2
CVE-2005-4868
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
Ibm Db2 Universal Database 7.1
Ibm Db2 Universal Database 7.2
Ibm Db2 Universal Database 8.0
Ibm Db2 Universal Database 8.1
1 EDB exploit
2.1
CVSSv2
CVE-2001-0052
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.
Ibm Db2 Universal Database 6.1
Ibm Db2 Universal Database 7.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »