VYPR

Db2 for Windows

by IBM

CVEs (3)

  • CVE-2023-47145HigJan 7, 2024
    risk 0.55cvss 8.4epss 0.00

    IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402.

  • CVE-2023-27558HigJul 10, 2023
    risk 0.55cvss 8.4epss 0.00

    IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the…

  • CVE-2025-36384Jan 30, 2026
    risk 0.00cvss epss 0.00

    IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privileges due to the use of an unquoted search path element.