The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of DB2 LUW

snakeyaml: external YAML entity injection
An attacker can transmit malicious YAML data to snakeyaml, in order to read a file, scan sites, or trigger a denial of service...
6198380, CVE-2017-18640, FEDORA-2020-23012fafbc, VIGILANCE-VUL-32101
IBM DB2: multiple vulnerabilities in libraries
An attacker can use several vulnerabilities in libraries used by IBM DB2...
6198380, CVE-2017-12972, CVE-2017-12973, CVE-2017-12974, CVE-2017-18640, CVE-2017-3734-REJECT, VIGILANCE-VUL-32090
Netty: overload via SSLv2Hello SslHandler
An attacker can trigger an overload via SSLv2Hello SslHandler of Netty, in order to trigger a denial of service...
6198380, CVE-2014-3488, DLA-2110-1, VIGILANCE-VUL-31648
IBM DB2: buffer overflow
An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code...
2875875, 6221294, CERTFR-2020-AVI-098, CVE-2020-4204, VIGILANCE-VUL-31628
IBM DB2: denial of service via JDBC Client
An attacker can trigger a fatal error via JDBC Client of IBM DB2, in order to trigger a denial of service...
2875251, 6221294, CERTFR-2020-AVI-098, CVE-2020-4200, VIGILANCE-VUL-31627
IBM DB2: denial of service via Invalid Commands
An attacker can trigger a fatal error via Invalid Commands of IBM DB2, in order to trigger a denial of service...
2874621, CERTFR-2020-AVI-098, CVE-2020-4161, VIGILANCE-VUL-31626
IBM DB2: privilege escalation via Stored Procedures Owner
An attacker can bypass restrictions via Stored Procedures Owner of IBM DB2, in order to escalate his privileges...
2878809, 6221294, CERTFR-2020-AVI-098, CVE-2020-4230, VIGILANCE-VUL-31625
IBM DB2: memory leak
An attacker can create a memory leak of IBM DB2, in order to trigger a denial of service...
2876307, 6221294, CERTFR-2020-AVI-098, CVE-2020-4135, VIGILANCE-VUL-31624
IBM SDK: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of IBM SDK, in order to execute code...
1289194, 3260187, 5694963, 5695611, 5695629, 5695653, 5695851, 6173781, 6199287, 6199289, 6201679, 6210521, 6210522, CVE-2019-4732, SUSE-SU-2020:0466-1, VIGILANCE-VUL-31514
FasterXML jackson-databind: external XML entity injection via jackson-mapper-asl
An attacker can transmit malicious XML data via jackson-mapper-asl to FasterXML jackson-databind, in order to read a file, scan sites, or trigger a denial of service...
6198380, CVE-2019-10172, DLA-2091-1, RHSA-2020:2058-01, RHSA-2020:2059-01, RHSA-2020:2060-01, RHSA-2020:2061-01, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, RHSA-2020:2511-01, RHSA-2020:2512-01, RHSA-2020:2513-01, RHSA-2020:2515-01, VIGILANCE-VUL-31485
Our database contains other pages. You can request a free trial to read them.

Display information about DB2 LUW: