Total
67 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4737 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.5 HIGH | N/A |
| IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. | |||||
| CVE-2005-4740 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 4.0 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." | |||||
| CVE-2005-0417 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. | |||||
| CVE-2005-4735 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.8 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. | |||||
| CVE-2003-0837 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command. | |||||
| CVE-2005-4866 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow. | |||||
| CVE-2002-1583 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | |||||
| CVE-2004-1372 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. | |||||
| CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 2.1 LOW | N/A |
| IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | |||||
| CVE-2003-0758 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument. | |||||
| CVE-2005-4738 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.5 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. | |||||
| CVE-2003-0827 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 5.0 MEDIUM | N/A |
| The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. | |||||
| CVE-2005-4867 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. | |||||
| CVE-2003-0759 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. | |||||
| CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 4.6 MEDIUM | N/A |
| IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. | |||||
| CVE-2005-4739 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.8 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. | |||||
| CVE-2004-0795 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. | |||||
| CVE-2005-4864 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. | |||||
| CVE-2006-3068 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite." | |||||
| CVE-2005-4736 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.8 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. | |||||