Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Db2  Security Vulnerabilities
CVE-2023-29256
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. IBM X-Force ID: 252046.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-07-10
CVE-2023-23487
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to insufficient audit logging. IBM X-Force ID: 245918.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-10
CVE-2023-26021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-28
CVE-2023-26022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-28
CVE-2023-25930
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.
CVSS Score
5.9
EPSS Score
0.002
Published
2023-04-28
CVE-2023-27555
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.
CVSS Score
5.1
EPSS Score
0.001
Published
2023-04-28
CVE-2023-29255
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-27
CVE-2023-27559
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-04-26
CVE-2023-29257
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-04-26
CVE-2022-43930
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.
CVSS Score
6.2
EPSS Score
0.001
Published
2023-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved