cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-40679,https://securityvulnerability.io/vulnerability/CVE-2024-40679,"Information Disclosure Vulnerability in IBM Db2 for Linux, UNIX, and Windows","IBM Db2 for Linux, UNIX, and Windows includes an information disclosure vulnerability that can expose sensitive data in log files under certain conditions. This flaw can occur when specific configurations are in place, potentially leading to unauthorized access to sensitive or private information, impacting the confidentiality of the affected systems. Users of Db2 11.5 must be vigilant in reviewing their logging settings to mitigate risks associated with this vulnerability.",IBM,Db2,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T00:44:37.346Z,0
CVE-2023-30443,https://securityvulnerability.io/vulnerability/CVE-2023-30443,Denial of Service Vulnerability in IBM Db2 Products,"CVE-2023-30443 is a high-risk vulnerability affecting IBM Db2 for Linux, UNIX, and Windows, including the Db2 Connect Server. This vulnerability allows an attacker to execute a specially crafted query that can lead to a denial of service (DoS), severely impacting the availability and performance of the affected systems. Users of Db2 versions 10.5, 11.1, and 11.5 should take immediate action to apply available patches and implement mitigating controls to safeguard their environments against potential exploits.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-19T01:04:07.275Z,0
CVE-2024-41762,https://securityvulnerability.io/vulnerability/CVE-2024-41762,"Db2 for Linux, UNIX and Windows Under Attack - Denial of Service Vulnerability Alert","IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-07T13:30:48.904Z,0
CVE-2024-37071,https://securityvulnerability.io/vulnerability/CVE-2024-37071,IBM Db2 Under Denial of Service Attack Due to Improper Memory Allocation,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-07T12:53:31.722Z,0
CVE-2024-45663,https://securityvulnerability.io/vulnerability/CVE-2024-45663,IBM Db2 denial of service,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-11-21T00:22:03.293Z,0
CVE-2024-31880,https://securityvulnerability.io/vulnerability/CVE-2024-31880,IBM Db2 Under Denial of Service Attack,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-10-23T01:09:30.580Z,0
CVE-2024-35136,https://securityvulnerability.io/vulnerability/CVE-2024-35136,IBM Db2 Under Denial of Service Attack with Specially Crafted Query,"IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. IBM X-Force ID: 291307.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-08-14T18:15:00.000Z,0
CVE-2024-31882,https://securityvulnerability.io/vulnerability/CVE-2024-31882,"IBM Db2 for Linux, UNIX and Windows Vulnerable to Denial of Service Attack","IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-08-14T18:15:00.000Z,0
CVE-2024-37529,https://securityvulnerability.io/vulnerability/CVE-2024-37529,Db2 Query Denial of Service Vulnerability,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 294295.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-08-14T18:15:00.000Z,0
CVE-2024-35152,https://securityvulnerability.io/vulnerability/CVE-2024-35152,IBM Db2 Denial of Service Vulnerability,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639.",IBM,Db2,6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-08-14T18:15:00.000Z,0
CVE-2024-31881,https://securityvulnerability.io/vulnerability/CVE-2024-31881,Db2 Crash Vulnerability Affects Authenticated Users,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-12T19:15:00.000Z,0
CVE-2023-29267,https://securityvulnerability.io/vulnerability/CVE-2023-29267,Db2 Vulnerable to Denial of Service Attack,"IBM Db2 for Linux, UNIX, and Windows, including Db2 Connect Server, is exposed to a denial of service risk when a specially crafted SQL statement is executed by a user with authentication privileges. This vulnerability can lead to server crashes under certain configurations, making affected systems unstable and operationally unviable. Organizations utilizing these versions of Db2 are advised to take immediate action to mitigate potential exploitation risks.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-12T18:24:20.764Z,0
CVE-2024-28762,https://securityvulnerability.io/vulnerability/CVE-2024-28762,IBM Db2 Vulnerable to Denial of Service Attack,"IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246.",IBM,Db2,6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-12T18:15:00.000Z,0
CVE-2023-42005,https://securityvulnerability.io/vulnerability/CVE-2023-42005,IBM Db2 on Cloud Pak for Data Vulnerability Could Allow System Calls Compromising Container Security,"A security issue exists within IBM Db2 on Cloud Pak for Data, affecting various versions. Users with access to Kubernetes pods may exploit this vulnerability to execute system calls, potentially compromising the integrity and security of the containers. This poses significant risks to data management and application performance in cloud environments where IBM Db2 is deployed.",IBM,Db2 On Cloud Pak For Data,7.4,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-29T12:53:04.315Z,0
CVE-2024-27254,https://securityvulnerability.io/vulnerability/CVE-2024-27254,"IBM Db2 for Linux, UNIX and Windows denial of service","IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-03T13:16:00.000Z,0
CVE-2023-52296,https://securityvulnerability.io/vulnerability/CVE-2023-52296,"IBM Db2 for Linux, UNIX and Windows denial of service","IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-03T13:16:00.000Z,0
CVE-2024-22360,https://securityvulnerability.io/vulnerability/CVE-2024-22360,"IBM Db2 for Linux, UNIX and Windows denial of service","IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-03T13:16:00.000Z,0
CVE-2023-38729,https://securityvulnerability.io/vulnerability/CVE-2023-38729,"IBM Db2 for Linux, UNIX and Windows information disclosure","IBM Db2 for Linux, UNIX and Windows versions 10.5, 11.1, and 11.5 exhibit a vulnerability that allows for potential sensitive information disclosure when the ADMIN_CMD command is utilized in conjunction with the IMPORT or EXPORT operations. This could lead to unauthorized access to information that should otherwise remain confidential. Users of vulnerable versions are advised to review their configurations and apply necessary mitigations to protect their systems against unwanted exposure of sensitive data. For more detailed information, consult the official IBM advisory and associated references.",IBM,"Db2 For Linux, Unix And Windows",6.8,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-03T13:16:00.000Z,0
CVE-2024-25046,https://securityvulnerability.io/vulnerability/CVE-2024-25046,"IBM Db2 for Linux, UNIX and Windows denial of service","IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: 282953.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-03T13:16:00.000Z,0
CVE-2024-25030,https://securityvulnerability.io/vulnerability/CVE-2024-25030,,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677.",IBM,"Db2 For Linux, Unix And Windows",6.2,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-03T13:16:00.000Z,0
CVE-2023-47141,https://securityvulnerability.io/vulnerability/CVE-2023-47141,IBM Db2 denial of service,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2024-01-22T20:07:33.489Z,0
CVE-2023-47158,https://securityvulnerability.io/vulnerability/CVE-2023-47158,IBM Db2 denial of service,"IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2024-01-22T20:05:46.155Z,0
CVE-2023-47152,https://securityvulnerability.io/vulnerability/CVE-2023-47152,IBM Db2 information disclosure,"IBM Db2 for Linux, UNIX, and Windows, along with Db2 Connect Server version 11.5, has been identified as having vulnerabilities related to an insecure cryptographic algorithm. This vulnerability poses a risk of information leakage through stack traces under specific exceptional circumstances, potentially exposing sensitive data to unauthorized users. Users of the affected products are advised to take immediate action to mitigate risks associated with these vulnerabilities, ensuring that best security practices are implemented.",IBM,"Db2 For Linux, Unix And Windows",7.5,HIGH,0.0011399999493733048,false,false,false,false,,false,false,2024-01-22T20:03:52.428Z,0
CVE-2023-27859,https://securityvulnerability.io/vulnerability/CVE-2023-27859,IBM Db2 code execution,"IBM Db2 versions 10.1, 10.5, and 11.1 are susceptible to a vulnerability that allows for the execution of arbitrary code by a remote user. This issue arises from the incorrect management of similarly named jar files across different databases. An attacker can exploit this flaw by inserting a malicious jar file that replaces an existing jar file of the same name in another database, enabling them to execute harmful commands remotely. Organizations using these Db2 versions must take action to mitigate this risk by ensuring that their systems are configured properly and that necessary updates are applied.",IBM,"Db2 For Linux, Unix And Windows",6.5,MEDIUM,0.0012100000167265534,false,false,false,false,,false,false,2024-01-22T20:02:02.789Z,0
CVE-2023-47747,https://securityvulnerability.io/vulnerability/CVE-2023-47747,IBM Db2 denial of service,"IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.",IBM,"Db2 For Linux, Unix And Windows",5.3,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2024-01-22T19:57:30.941Z,0