cpe:2.3:a:ibm:db2:9.7:fp7:*:*:*:*:*:*
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: 273393.
Max CVSS
6.5
EPSS Score
0.06%
Published
2024-01-22
Updated
2024-03-07
IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264.
Max CVSS
6.5
EPSS Score
0.06%
Published
2024-01-22
Updated
2024-03-07
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759.
Max CVSS
7.5
EPSS Score
0.07%
Published
2024-01-22
Updated
2024-03-07
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-12-04
Updated
2024-01-19
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.
Max CVSS
6.5
EPSS Score
0.11%
Published
2022-06-24
Updated
2022-10-28
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659.
Max CVSS
7.5
EPSS Score
0.15%
Published
2021-06-24
Updated
2022-06-28
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660.
Max CVSS
7.5
EPSS Score
0.13%
Published
2021-03-11
Updated
2021-04-12
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow local attacker to cause a denial of service inside the "DB2 Management Service".
Max CVSS
6.2
EPSS Score
0.04%
Published
2020-12-23
Updated
2021-01-30
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
Max CVSS
7.5
EPSS Score
0.16%
Published
2020-02-19
Updated
2022-01-01
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) contains several environment variables that a local attacker could overflow and cause a denial of service. IBM X-Force ID: 139072.
Max CVSS
6.2
EPSS Score
0.04%
Published
2018-03-22
Updated
2019-10-09
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
Max CVSS
4.3
EPSS Score
2.14%
Published
2016-04-28
Updated
2016-12-03
IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.
Max CVSS
4.0
EPSS Score
0.88%
Published
2014-12-18
Updated
2018-09-28
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying the same column within multiple ALTER TABLE statements.
Max CVSS
4.0
EPSS Score
8.39%
Published
2014-12-12
Updated
2018-09-27
IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement.
Max CVSS
4.0
EPSS Score
8.39%
Published
2014-12-12
Updated
2018-09-27
IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Max CVSS
3.5
EPSS Score
8.12%
Published
2014-11-08
Updated
2017-09-08
IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Max CVSS
4.0
EPSS Score
1.90%
Published
2014-11-08
Updated
2017-09-08
The SQL engine in IBM DB2 9.5 through FP10, 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted UNION clause in a subquery of a SELECT statement.
Max CVSS
3.5
EPSS Score
6.54%
Published
2014-09-04
Updated
2017-08-29
The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 through FP5, 10.1 through FP3, and 10.5 through FP2, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service (database outage and deactivation) via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.84%
Published
2013-12-19
Updated
2018-09-25
The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.84%
Published
2013-12-18
Updated
2018-09-25
The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.
Max CVSS
4.3
EPSS Score
0.71%
Published
2012-06-20
Updated
2018-10-02
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
Max CVSS
4.0
EPSS Score
0.67%
Published
2012-03-20
Updated
2017-09-19
IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request.
Max CVSS
5.0
EPSS Score
7.32%
Published
2012-03-20
Updated
2018-10-10
Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.
Max CVSS
1.5
EPSS Score
0.04%
Published
2011-11-09
Updated
2017-09-19
IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view.
Max CVSS
3.5
EPSS Score
0.27%
Published
2010-08-31
Updated
2017-09-19
Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration."
Max CVSS
5.0
EPSS Score
0.78%
Published
2010-08-31
Updated
2017-09-19
28 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!