VYPR

Db2 for Linux

by IBM

CVEs (5)

  • CVE-2020-4945HigJun 24, 2021
    risk 0.53cvss 8.1epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. IBM X-Force ID: 191945.

  • CVE-2025-33092HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.

  • CVE-2025-33114MedJul 29, 2025
    risk 0.34cvss 5.3epss 0.00

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to denial of service with a specially crafted query under certain non-default conditions.

  • CVE-2025-2533MedJul 29, 2025
    risk 0.34cvss 5.3epss 0.00

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.

  • CVE-2020-4885MedJun 24, 2021
    risk 0.31cvss 4.7epss 0.00

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force ID: 190909.