IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-29
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1
could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-05-05
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 12.1.0 through 12.1.1
could allow an authenticated user to cause a denial of service due to concurrent execution of shared resources.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-05-05
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1
under specific configurations could allow an authenticated user to cause a denial of service due to insufficient release of allocated memory resources.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-05-05
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user in federation environment, to cause a denial of service due to insufficient release of allocated memory after usage.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-05-05
IBM Db2 for Linux, UNIX and Windows 12.1.0 and 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Score
5.3
EPSS Score
0.002
Published
2025-05-01
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
CVSS Score
9.0
EPSS Score
0.009
Published
2012-09-25
Page 2