The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of DB2 LUW

vulnerability alert CVE-2019-4322

IBM DB2: buffer overflow

Synthesis of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 02/07/2019.
Identifiers: CVE-2019-4322, ibm10884444, VIGILANCE-VUL-29671.

Description of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2019-4386

IBM DB2: denial of service via Function

Synthesis of the vulnerability

An attacker can trigger a fatal error via Function of IBM DB2, in order to trigger a denial of service.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: user account.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4386, ibm10886809, VIGILANCE-VUL-29649.

Description of the vulnerability

An attacker can trigger a fatal error via Function of IBM DB2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2019-4102

IBM DB2: information disclosure via TLS 1.2 3DES

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via TLS 1.2 3DES of IBM DB2, in order to obtain sensitive information.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: data reading.
Provenance: document.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4102, ibm10880743, VIGILANCE-VUL-29648.

Description of the vulnerability

An attacker can bypass access restrictions to data via TLS 1.2 3DES of IBM DB2, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-4101

IBM DB2: denial of service via Diagnostic

Synthesis of the vulnerability

An attacker can trigger a fatal error via Diagnostic of IBM DB2, in order to trigger a denial of service.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4101, ibm10880741, VIGILANCE-VUL-29647.

Description of the vulnerability

An attacker can trigger a fatal error via Diagnostic of IBM DB2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-4154

IBM DB2: buffer overflow

Synthesis of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: user account.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4154, ibm10880737, VIGILANCE-VUL-29646.

Description of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-4057

IBM DB2: privilege escalation via Fenced User

Synthesis of the vulnerability

An attacker can bypass restrictions via Fenced User of IBM DB2, in order to escalate his privileges.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 28/06/2019.
Identifiers: CVE-2019-4057, ibm10880735, VIGILANCE-VUL-29645.

Description of the vulnerability

An attacker can bypass restrictions via Fenced User of IBM DB2, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2019-4014

IBM DB2: buffer overflow

Synthesis of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 02/04/2019.
Identifiers: CVE-2019-4014, ibm10878793, VIGILANCE-VUL-28911.

Description of the vulnerability

An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-1936

IBM DB2: buffer overflow via libdb2e.so.1

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via libdb2e.so.1 of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 02/04/2019.
Identifiers: CVE-2018-1936, ibm10741481, VIGILANCE-VUL-28910.

Description of the vulnerability

An attacker can trigger a buffer overflow via libdb2e.so.1 of IBM DB2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-4094

IBM DB2: privilege escalation via Shared Libraries Loading

Synthesis of the vulnerability

An attacker can bypass restrictions via Shared Libraries Loading of IBM DB2, in order to escalate his privileges.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 13/03/2019.
Identifiers: CVE-2019-4094, ibm10875860, VIGILANCE-VUL-28736.

Description of the vulnerability

An attacker can bypass restrictions via Shared Libraries Loading of IBM DB2, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-1922 CVE-2018-1923 CVE-2018-1978

IBM DB2: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IBM DB2.
Impacted products: DB2 UDB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 6.
Creation date: 08/03/2019.
Identifiers: CVE-2018-1922, CVE-2018-1923, CVE-2018-1978, CVE-2018-1980, CVE-2019-4015, CVE-2019-4016, ibm10740413, VIGILANCE-VUL-28691.

Description of the vulnerability

An attacker can use several vulnerabilities of IBM DB2.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about DB2 LUW: