Filtered by vendor Ibm
Subscriptions
Filtered by product Db2 Universal Database
Subscriptions
Total
67 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5757 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697. | ||||
| CVE-2007-1086 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 Universal Database and 3 more | 2025-04-09 | N/A |
| Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access." | ||||
| CVE-2007-4271 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following. | ||||
| CVE-2007-4272 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm). | ||||
| CVE-2007-4418 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details. | ||||
| CVE-2007-4423 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. | ||||
| CVE-2007-5758 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable. | ||||
| CVE-2008-3852 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors. | ||||
| CVE-2007-6045 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors. | ||||
| CVE-2007-6047 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART. | ||||
| CVE-2007-6049 | 3 Ibm, Linux, Unix | 3 Db2 Universal Database, Linux Kernel, Unix | 2025-04-09 | N/A |
| Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root. | ||||
| CVE-2007-6050 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory." | ||||
| CVE-2007-6051 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | ||||
| CVE-2008-3858 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request. | ||||
| CVE-2008-3960 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets." | ||||
| CVE-2007-6048 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | ||||
| CVE-2001-1143 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789. | ||||
| CVE-2002-1583 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | ||||
| CVE-2003-0758 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2003-0759 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. | ||||