Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
db2 vulnerabilities and exploits
(subscribe to this query)
392
VMScore
CVE-2019-4588
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.
Ibm Db2 10.1
Ibm Db2 11.1
Ibm Db2 9.7
Ibm Db2 10.5
Ibm Db2 11.5
356
VMScore
CVE-2021-29777
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.
Ibm Db2 9.7
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 11.1
Ibm Db2 11.5
356
VMScore
CVE-2014-8901
IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 9.5
Ibm Db2 9.7
641
VMScore
CVE-2013-3475
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors.
Ibm Db2 Connect 9.1
Ibm Db2 Connect 9.5
Ibm Db2 9.1
Ibm Db2 Connect 9.7
Ibm Db2 Connect 9.8
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 Connect 10.1
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Smart Analytics System 7600 -
NA
CVE-2022-41296
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.
Ibm Db2 3.5
Ibm Db2 4.5
Ibm Db2 4.0
Ibm Db2 Warehouse 3.5
Ibm Db2 Warehouse 4.5
Ibm Db2 Warehouse 4.0
668
VMScore
CVE-2011-0731
Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote malicious users to execute arbitrary code via unspecified vectors.
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
Ibm Db2 9.7
578
VMScore
CVE-2011-0757
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
Ibm Db2 9.7
890
VMScore
CVE-2008-4692
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
Ibm Db2
Ibm Db2 9.1
Ibm Db2 8.0
Ibm Db2 9.5
134
VMScore
CVE-2011-1373
Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.
Ibm Db2 9.7.0.1
Ibm Db2
Ibm Db2 9.7.0.3
Ibm Db2 9.7.0.2
356
VMScore
CVE-2016-0215
IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database.
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 9.7
Ibm Db2 9.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »