Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
db2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-1452
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140047.
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 10.1
Ibm Db2 9.7
5.5
CVSSv3
CVE-2018-1685
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability in db2cacpy that could allow a local user to read any file on the system. IBM X-Force ID: 145502.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
7.8
CVSSv3
CVE-2018-1711
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 146369.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
5.5
CVSSv3
CVE-2017-1571
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 131853.
Ibm Db2 11.1
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 9.7
7.8
CVSSv3
CVE-2017-1677
IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999.
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 11.1
NA
CVE-2014-6159
IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 9.7
Ibm Db2 10.5
7.8
CVSSv3
CVE-2018-1780
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X...
Ibm Db2 10.1
Ibm Db2 11.1
Ibm Db2 9.7
Ibm Db2 10.5
7.8
CVSSv3
CVE-2018-1781
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148...
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 9.7
NA
CVE-2015-1922
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to bypass intended access restrictions and delete table rows via unspecified vectors.
Ibm Db2 9.7
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 10.5
NA
CVE-2014-4805
IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring.
Ibm Db2 10.5
Ibm Db2 10.5.0.1
Ibm Db2 10.5.0.2
Ibm Db2 10.5.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »