Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm db2 9.5 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2011-1846
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than ...
Ibm Db2 9.5
Ibm Db2
Ibm Db2 9.7
4.9
CVSSv2
CVE-2011-1847
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are ob...
Ibm Db2 9.5
Ibm Db2
Ibm Db2 9.7
5
CVSSv2
CVE-2008-4693
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows malicious users to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
6.5
CVSSv2
CVE-2011-0757
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
Ibm Db2 9.7
10
CVSSv2
CVE-2008-4692
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
Ibm Db2
Ibm Db2 9.1
Ibm Db2 8.0
Ibm Db2 9.5
7.5
CVSSv2
CVE-2011-0731
Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote malicious users to execute arbitrary code via unspecified vectors.
Ibm Db2 9.1
Ibm Db2
Ibm Db2 9.5
Ibm Db2 9.7
4
CVSSv2
CVE-2008-1966
Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to the (1) RECOVERJAR or (2) REMO...
Ibm Db2 8.0
Ibm Db2 9.5
Ibm Db2 9.1
9
CVSSv2
CVE-2008-1997
Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699.
Ibm Db2 9.1
Ibm Db2 9.5
Ibm Db2 8.0
5
CVSSv2
CVE-2009-4332
db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows malicious users to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors.
Ibm Db2 9.5
Ibm Db2 9.1
Ibm Db2 9.7
4.6
CVSSv2
CVE-2009-4334
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writing to this file.
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »