The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of DB2 LUW

computer vulnerability note CVE-2019-4386

IBM DB2: denial of service via Function

Synthesis of the vulnerability

An attacker can trigger a fatal error via Function of IBM DB2, in order to trigger a denial of service.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: user account.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4386, ibm10886809, VIGILANCE-VUL-29649.

Description of the vulnerability

An attacker can trigger a fatal error via Function of IBM DB2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2019-4102

IBM DB2: information disclosure via TLS 1.2 3DES

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via TLS 1.2 3DES of IBM DB2, in order to obtain sensitive information.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: data reading.
Provenance: document.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4102, ibm10880743, VIGILANCE-VUL-29648.

Description of the vulnerability

An attacker can bypass access restrictions to data via TLS 1.2 3DES of IBM DB2, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-4101

IBM DB2: denial of service via Diagnostic

Synthesis of the vulnerability

An attacker can trigger a fatal error via Diagnostic of IBM DB2, in order to trigger a denial of service.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4101, ibm10880741, VIGILANCE-VUL-29647.

Description of the vulnerability

An attacker can trigger a fatal error via Diagnostic of IBM DB2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2019-4014

IBM DB2: buffer overflow

Synthesis of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 02/04/2019.
Identifiers: CVE-2019-4014, ibm10878793, VIGILANCE-VUL-28911.

Description of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-1936

IBM DB2: buffer overflow via libdb2e.so.1

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via libdb2e.so.1 of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 02/04/2019.
Identifiers: CVE-2018-1936, ibm10741481, VIGILANCE-VUL-28910.

Description of the vulnerability

An attacker can trigger a buffer overflow via libdb2e.so.1 of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-4094

IBM DB2: privilege escalation via Shared Libraries Loading

Synthesis of the vulnerability

An attacker can bypass restrictions via Shared Libraries Loading of IBM DB2, in order to escalate his privileges.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 13/03/2019.
Identifiers: CVE-2019-4094, ibm10875860, VIGILANCE-VUL-28736.

Description of the vulnerability

An attacker can bypass restrictions via Shared Libraries Loading of IBM DB2, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-1922 CVE-2018-1923 CVE-2018-1978

IBM DB2: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IBM DB2.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 6.
Creation date: 08/03/2019.
Identifiers: CVE-2018-1922, CVE-2018-1923, CVE-2018-1978, CVE-2018-1980, CVE-2019-4015, CVE-2019-4016, ibm10740413, VIGILANCE-VUL-28691.

Description of the vulnerability

An attacker can use several vulnerabilities of IBM DB2.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2018-1977

IBM DB2: denial of service via TRUNCATE System Z

Synthesis of the vulnerability

An attacker can generate a fatal error via TRUNCATE System Z of IBM DB2, in order to trigger a denial of service.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 17/12/2018.
Identifiers: CVE-2018-1977, ibm10788089, VIGILANCE-VUL-28035.

Description of the vulnerability

An attacker can generate a fatal error via TRUNCATE System Z of IBM DB2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-1723

IBM DB2 LUW: file reading via IBM Spectrum Scale

Synthesis of the vulnerability

A local attacker can read a file via IBM Spectrum Scale of IBM DB2 LUW, in order to obtain sensitive information.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 28/11/2018.
Identifiers: CVE-2018-1723, ibm10734067, VIGILANCE-VUL-27899.

Description of the vulnerability

A local attacker can read a file via IBM Spectrum Scale of IBM DB2 LUW, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-1897

IBM DB2: buffer overflow via db2pdcfg

Synthesis of the vulnerability

An attacker can generate a buffer overflow via db2pdcfg of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 28/11/2018.
Identifiers: CVE-2018-1897, ibm10737295, ibm10793417, VIGILANCE-VUL-27898.

Description of the vulnerability

An attacker can generate a buffer overflow via db2pdcfg of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about DB2 LUW: