Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (67 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2003-0837 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.
CVE-2001-0052 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.
CVE-2003-1049 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
CVE-2005-4737 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared.
CVE-2006-3066 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.
CVE-2006-3067 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.
CVE-2010-3739 1 Ibm 1 Db2 Universal Database 2025-04-11 N/A
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.