VYPR

Db2 for Linux, UNIX and Windows

by IBM

CVEs (134)

  • CVE-2022-22389MedJun 24, 2022
    risk 0.42cvss 6.5epss 0.01

    IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.

  • CVE-2021-38931MedDec 9, 2021
    risk 0.42cvss 6.5epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. IBM X-Force ID: 210418.

  • CVE-2021-29777MedJun 24, 2021
    risk 0.42cvss 6.5epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.

  • CVE-2021-20579MedJun 24, 2021
    risk 0.42cvss 6.5epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID: 199283.

  • CVE-2020-4200MedFeb 19, 2020
    risk 0.42cvss 6.5epss 0.02

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914.

  • CVE-2020-4161MedFeb 19, 2020
    risk 0.42cvss 6.5epss 0.01

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID: 174341.

  • CVE-2019-4386MedJul 1, 2019
    risk 0.42cvss 6.5epss 0.02

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an authenticated user to execute a function that would cause the server to crash. IBM X-Force ID: 162714.

  • CVE-2024-25030MedApr 3, 2024
    risk 0.40cvss 6.2epss 0.00

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677.

  • CVE-2022-43930MedFeb 17, 2023
    risk 0.40cvss 6.2epss 0.00

    IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.

  • CVE-2018-1799MedNov 9, 2018
    risk 0.40cvss 6.2epss 0.00

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429.

  • CVE-2018-1428MedMar 22, 2018
    risk 0.40cvss 6.2epss 0.00

    IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073.

  • CVE-2023-47152MedJan 22, 2024
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.

  • CVE-2023-45193MedJan 22, 2024
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759.

  • CVE-2023-40692MedDec 4, 2023
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807.

  • CVE-2023-30448MedJul 10, 2023
    risk 0.38cvss 5.9epss 0.01

    IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.

  • CVE-2023-30447MedJul 10, 2023
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436.

  • CVE-2023-30446MedJul 10, 2023
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361 .

  • CVE-2023-26022MedApr 28, 2023
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868.

  • CVE-2023-25930MedApr 28, 2023
    risk 0.38cvss 5.9epss 0.01

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.

  • CVE-2019-4102MedJul 1, 2019
    risk 0.38cvss 5.9epss 0.01

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092.

Page 4 of 7