CVE-2024-31882

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-943
View all →

Vulnerability Description

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614.

Related Vulnerabilities

CVE-2021-1349

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected s...

CWE-9432021

CVE-2021-34712

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected s...

CWE-9432021

CVE-2024-35136

MEDIUM
CVSS:6.5(Medium)

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default cond...

CWE-9432024

CVE-2020-5257

HIGH
CVSS:8.1(High)

In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a...

CWE-9432020

CVE-2017-12904

HIGH
CVSS:8.8(High)

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by craf...

CWE-9432017

CVE-2018-7829

HIGH
CVSS:8.8(High)

An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which allows an attacker to execute arbitrary s...

CWE-9432018