Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-47141 |
IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264. Published: January 22, 2024; 4:15:09 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-47152 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. IBM X-Force ID: 270730. Published: January 22, 2024; 3:15:46 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-50308 |
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: 273393. Published: January 22, 2024; 2:15:09 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-45193 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759. Published: January 22, 2024; 2:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-47145 |
IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402. Published: January 07, 2024; 2:15:08 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-40687 |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809. Published: December 03, 2023; 9:15:07 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38003 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. IBM X-Force ID: 260214. Published: December 03, 2023; 8:15:08 PM -0500 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2023-40692 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807. Published: December 03, 2023; 7:15:07 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-40373 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574. Published: October 16, 2023; 8:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38728 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258. Published: October 16, 2023; 6:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-30987 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440. Published: October 16, 2023; 5:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-26022 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. Published: April 28, 2023; 3:15:16 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-27555 |
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187. Published: April 28, 2023; 2:15:26 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-25930 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. Published: April 28, 2023; 2:15:26 PM -0400 |
V3.1: 5.9 MEDIUM V2.0:(not available) |
CVE-2023-29255 |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. Published: April 27, 2023; 9:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-27559 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196. Published: April 26, 2023; 4:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-29257 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011. Published: April 26, 2023; 9:15:08 AM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2022-43930 |
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677. Published: February 17, 2023; 1:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-43927 |
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671. Published: February 17, 2023; 12:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-35637 |
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823. Published: September 13, 2022; 5:15:09 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |