Vulnerabilities > IBM > DB2 > 8.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-22 | CVE-2023-47141 | Unspecified vulnerability in IBM DB2 IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. | 6.5 |
| 2024-01-22 | CVE-2023-47152 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. | 7.5 |
| 2024-01-22 | CVE-2023-45193 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. | 7.5 |
| 2024-01-22 | CVE-2023-50308 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. | 6.5 |
| 2023-12-04 | CVE-2023-40687 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. | 7.5 |
| 2011-11-09 | CVE-2011-1373 | Remote Denial of Service vulnerability in IBM DB2 Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors. local ibm | 1.5 |
| 2011-05-03 | CVE-2011-1847 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. | 4.9 |
| 2011-05-03 | CVE-2011-1846 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. | 6.5 |
| 2011-02-02 | CVE-2011-0757 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. | 6.5 |
| 2011-02-01 | CVE-2011-0731 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |