Vulnerabilities > IBM > DB2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-01 | CVE-2019-4101 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 is vulnerable to a denial of service. | 5.5 |
| 2019-07-01 | CVE-2019-4057 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow malicious user with access to the DB2 instance account to leverage a fenced execution process to execute arbitrary code as root. | 6.7 |
| 2018-12-14 | CVE-2018-1977 | Improper Input Validation vulnerability in IBM DB2 11.1 IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) contains a denial of service vulnerability. | 6.5 |
| 2018-11-09 | CVE-2018-1857 | Information Exposure vulnerability in IBM DB2 11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow a user to bypass FGAC control and gain access to data they shouldn't be able to see. | 6.5 |
| 2018-11-09 | CVE-2018-1799 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. | 5.5 |
| 2018-09-21 | CVE-2018-1685 | Information Exposure vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability in db2cacpy that could allow a local user to read any file on the system. | 5.5 |
| 2018-05-25 | CVE-2018-1452 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 5.5 |
| 2018-05-25 | CVE-2018-1451 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 5.5 |
| 2018-05-25 | CVE-2018-1450 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 5.5 |
| 2018-05-25 | CVE-2018-1449 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 5.5 |