Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-10 | CVE-2023-27867 | Code Injection vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. | 8.8 |
| 2023-07-10 | CVE-2023-27868 | Code Injection vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. | 8.8 |
| 2023-07-10 | CVE-2023-27869 | Code Injection vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. | 8.8 |
| 2023-07-10 | CVE-2023-28958 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Watson Knowledge Catalog on Cloud PAK for Data 4.0 IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. | 7.8 |
| 2023-07-10 | CVE-2023-30431 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. | 7.8 |
| 2023-07-10 | CVE-2023-30442 | Unspecified vulnerability in IBM DB2 11.1.4.7/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. | 7.5 |
| 2023-07-10 | CVE-2023-30445 | Unspecified vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. | 7.5 |
| 2023-07-10 | CVE-2023-30446 | Unspecified vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. | 7.5 |
| 2023-07-10 | CVE-2023-30447 | Unspecified vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. | 7.5 |
| 2023-07-10 | CVE-2023-30448 | Unspecified vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. | 7.5 |