Vulnerabilities (CVE)

Filtered by vendor Opengroup Subscribe
Total 44 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-31880 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-11-06 N/A 6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user.
CVE-2023-24040 1 Opengroup 1 Common Desktop Environment 2024-08-02 N/A 7.1 HIGH
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat (an invoked external command) during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users to manipulate the control flow and disclose memory contents on Solaris 10 systems. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24039 1 Opengroup 1 Common Desktop Environment 2024-08-02 N/A 7.8 HIGH
A stack-based buffer overflow in ParseColors in libXm in Common Desktop Environment 1.6 can be exploited by local low-privileged users via the dtprintinfo setuid binary to escalate their privileges to root on Solaris 10 systems. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2013-0629 4 Adobe, Apple, Microsoft and 1 more 4 Coldfusion, Mac Os X, Windows and 1 more 2024-07-16 4.3 MEDIUM 7.5 HIGH
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.
CVE-2013-0625 4 Adobe, Apple, Microsoft and 1 more 4 Coldfusion, Mac Os X, Windows and 1 more 2024-07-16 6.8 MEDIUM 9.8 CRITICAL
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
CVE-2013-0631 4 Adobe, Apple, Microsoft and 1 more 4 Coldfusion, Mac Os X, Windows and 1 more 2024-07-16 5.0 MEDIUM 7.5 HIGH
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013.
CVE-2011-2462 4 Adobe, Apple, Microsoft and 1 more 5 Acrobat, Acrobat Reader, Mac Os X and 2 more 2024-06-28 10.0 HIGH 9.8 CRITICAL
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
CVE-2022-30333 4 Debian, Linux, Opengroup and 1 more 4 Debian Linux, Linux Kernel, Unix and 1 more 2024-06-28 5.0 MEDIUM 7.5 HIGH
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVE-2023-40687 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.
CVE-2024-1150 2 Opengroup, Snowsoftware 2 Unix, Snow Inventory Agent 2024-02-28 N/A 5.5 MEDIUM
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 7.3.1.
CVE-2023-38727 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.
CVE-2023-47701 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166.
CVE-2023-46167 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367.
CVE-2023-29258 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048.
CVE-2023-38728 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.
CVE-2023-40235 1 Opengroup 1 Archi 2024-02-28 N/A 6.5 MEDIUM
An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0. When parsing the XMLNS value of an ArchiMate project file, if the namespace does not match the expected ArchiMate URL, the parser will access the provided resource. If the provided resource is a UNC path pointing to a share server that does not accept a guest account, the host will try to authenticate on the share by using the current user's session. NOTE: this issue occurs because Archi uses an unsafe configuration of the Eclipse Modeling Framework.
CVE-2023-38719 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 4.4 MEDIUM
IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607.
CVE-2023-40373 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574.
CVE-2023-38720 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616.
CVE-2023-40374 4 Ibm, Linux, Microsoft and 1 more 4 Db2, Linux Kernel, Windows and 1 more 2024-02-28 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted query statement. IBM X-Force ID: 263575.