Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 9.8 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-5466
The XSLT library in IBM DB2 and DB2 Connect 9.5 up to and including 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.
Ibm Db2 Connect 10.1
Ibm Db2 Connect 10.5
Ibm Db2 9.5
Ibm Db2 Connect 9.7
Ibm Db2 Connect 9.8
Ibm Db2 Connect 9.5
Ibm Db2 10.1
Ibm Db2 10.5
Ibm Db2 Purescale Feature 9.8 -
Ibm Db2 9.8
Ibm Db2 9.7
NA
CVE-2013-4033
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 Connect 10.1
Ibm Db2 Connect 9.5
Ibm Db2 9.8
Ibm Db2 9.7
Ibm Db2 Connect 10.5
Ibm Db2 Connect 9.7
Ibm Db2 Connect 9.8
NA
CVE-2012-0709
IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements.
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 9.8
NA
CVE-2012-0712
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 9.8
NA
CVE-2014-6097
IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Ibm Db2 9.8
Ibm Db2 9.7
NA
CVE-2014-8910
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT function in a SELECT statement.
Ibm Db2 9.7
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 10.5
NA
CVE-2014-6159
IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 9.7
Ibm Db2 10.5
NA
CVE-2012-0710
IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote malicious users to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request.
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 9.1
Ibm Db2 9.8
NA
CVE-2015-0157
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by leveraging an unspecified scalar function in a SQL statement.
Ibm Db2 9.7
Ibm Db2 9.8
Ibm Db2 10.1
Ibm Db2 10.5
6.5
CVSSv3
CVE-2016-0215
IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database.
Ibm Db2 10.5
Ibm Db2 10.1
Ibm Db2 9.7
Ibm Db2 9.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »