IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2
is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-29
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2
is vulnerable to denial of service with a specially crafted query under certain non-default conditions.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-07-29
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-29
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-29
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2
is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-29
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Score
4.9
EPSS Score
0.001
Published
2025-07-29
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2
could allow an unauthenticated user to cause a denial of service due to executable segments that are waiting for each other to release a necessary lock.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-29
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-07-29
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
CVSS Score
9.0
EPSS Score
0.009
Published
2012-09-25