Filtered by vendor Ibm
Subscriptions
Filtered by product Db2 Universal Database
Subscriptions
Total
67 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-4738 | 1 Ibm | 1 Db2 Universal Database | 2024-09-17 | N/A |
IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. | ||||
CVE-2002-1583 | 1 Ibm | 1 Db2 Universal Database | 2024-09-17 | N/A |
Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | ||||
CVE-2005-4736 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. | ||||
CVE-2009-4150 | 1 Ibm | 2 Db2, Db2 Universal Database | 2024-09-16 | N/A |
dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors. | ||||
CVE-2006-6638 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. | ||||
CVE-2005-4739 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. | ||||
CVE-2005-4740 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." | ||||
CVE-2005-3643 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. | ||||
CVE-2005-4735 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. | ||||
CVE-2005-4737 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. | ||||
CVE-2010-3739 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery. | ||||
CVE-2007-5757 | 1 Ibm | 1 Db2 Universal Database | 2024-09-16 | N/A |
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697. | ||||
CVE-2001-1143 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789. | ||||
CVE-2001-0051 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database. | ||||
CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | ||||
CVE-2003-1052 | 1 Ibm | 2 Db2, Db2 Universal Database | 2024-08-08 | N/A |
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. | ||||
CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. | ||||
CVE-2003-0898 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2. | ||||
CVE-2003-0836 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command. | ||||
CVE-2003-0827 | 1 Ibm | 1 Db2 Universal Database | 2024-08-08 | N/A |
The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. |