Db2

db2

Vendor: Ibm • 326 CVEs

CVEs (326)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-31882 1Ibm 1Db2 Nov 4, 2025 Aug 14, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL...Show more IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614.Show less
CVE-2024-31881 1Ibm 1Db2 Nov 4, 2025 Jun 12, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an au...Show more IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613.Show less
CVE-2023-29267 1Ibm 1Db2 Nov 21, 2024 Jun 12, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statem...Show more IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287612.Show less
CVE-2024-28762 1Ibm 1Db2 Nov 4, 2025 Jun 12, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246.
CVE-2023-42005 1Ibm 2Db2 Db2 Warehouse Aug 18, 2025 May 29, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. I...Show more IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.Show less
CVE-2024-27254 1Ibm 1Db2 Jan 31, 2025 Apr 3, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813...Show more IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813.Show less
CVE-2024-25046 1Ibm 1Db2 Jan 31, 2025 Apr 3, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: 282953.
CVE-2024-25030 1Ibm 1Db2 Jan 31, 2025 Apr 3, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677.
CVE-2024-22360 1Ibm 1Db2 Jan 31, 2025 Apr 3, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905.
CVE-2023-52296 1Ibm 1Db2 Jan 31, 2025 Apr 3, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.
CVE-2023-38729 1Ibm 1Db2 Jan 31, 2025 Apr 3, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.
CVE-2023-47141 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264.
CVE-2023-47747 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force...Show more IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.Show less
CVE-2023-47158 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-For...Show more IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750.Show less
CVE-2023-47152 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
CVE-2023-27859 1Ibm 1Db2 Jun 20, 2025 Jan 22, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that ove...Show more IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 249205.Show less
CVE-2023-50308 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables...Show more IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: 273393.Show less
CVE-2023-47746 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force...Show more IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644.Show less
CVE-2023-45193 1Ibm 1Db2 Nov 21, 2024 Jan 22, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759.
CVE-2023-47145 1Ibm 1Db2 Jun 11, 2025 Jan 7, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402.

Previous 1 2 345...17 Next