Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-09 | CVE-2023-28523 | Out-of-bounds Write vulnerability in IBM products IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. | 7.8 |
| 2023-12-04 | CVE-2023-29258 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. | 7.5 |
| 2023-12-04 | CVE-2023-38727 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. | 7.5 |
| 2023-12-04 | CVE-2023-40687 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. | 7.5 |
| 2023-12-04 | CVE-2023-38003 | Unspecified vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. | 7.2 |
| 2023-12-04 | CVE-2023-46167 | Unspecified vulnerability in IBM DB2 11.5.6/11.5.8 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. | 7.5 |
| 2023-12-04 | CVE-2023-47701 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. | 7.5 |
| 2023-12-04 | CVE-2023-40692 | Resource Exhaustion vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. | 7.5 |
| 2023-12-03 | CVE-2023-45178 | Unspecified vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 CLI is vulnerable to a denial of service when a specially crafted request is used. | 7.5 |
| 2023-12-01 | CVE-2023-40699 | Unspecified vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. | 7.5 |