Vulnerabilities > IBM > DB2 > 11.1.3

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-38727 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement.
network
low complexity
ibm
7.5
7.5
2023-12-04 CVE-2023-40687 Unspecified vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table.
network
low complexity
ibm
7.5
7.5
2023-12-04 CVE-2023-47701 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query.
network
low complexity
ibm
7.5
7.5
2023-04-28 CVE-2023-26021 Improper Input Validation vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause.
network
low complexity
ibm CWE-20
7.5
7.5
2023-04-28 CVE-2023-26022 Improper Input Validation vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module.
network
low complexity
ibm CWE-20
7.5
7.5
2023-04-28 CVE-2023-25930 Improper Input Validation vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service.
network
high complexity
ibm CWE-20
5.9
5.9
2023-04-28 CVE-2023-27555 Improper Input Validation vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers.
network
low complexity
ibm CWE-20
7.5
7.5
2023-04-27 CVE-2023-29255 Improper Input Validation vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block.
network
low complexity
ibm CWE-20
7.5
7.5
2023-04-26 CVE-2023-27559 Improper Input Validation vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery.
network
low complexity
ibm CWE-20
7.5
7.5
2023-04-26 CVE-2023-29257 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance.
network
low complexity
ibm
7.2
7.2