61 matches found
EUVD-2026-12657
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...
CVE-2026-3856
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...
CVE-2026-3856 IBM Db2 Recovery Expert Missing Integrity Check
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...
Security Bulletin: CVE-2026-3856 found in IBM Db2 Recovery Expert for Linux, UNIX and Windows v5.5
Summary IBM Db2 Recovery Expert for Linux, UNIX and Windows could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission. Vulnerability Details ID: CVE-2026-3856 DESCRIPTION: IBM DB2 Recovery Expert for Linux, UNIX...
IBM DB2 Recovery Expert 安全漏洞
IBM DB2 Recovery Expert is a database recovery tool developed by IBM. Version 5.5 IF 2 of IBM Db2 Recovery Expert contains a security vulnerability. This vulnerability stems from an insecure mechanism used to verify data integrity during transmission, which could allow attackers to modify or...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
Summary There are multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows. All platforms are affected, and all previous versions may also be affected. Vulnerability Details CVEID:CVE-2024-3933 DESCRIPTION: In Eclipse OpenJ9 release versions prior to 0.44...
CVE-2025-27903
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transmits data in a cleartext communication channel that could allow an attacker to obtain sensitive information using man in the middle techniques...
CVE-2025-27898 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system...
CVE-2025-27898 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system...
CVE-2025-27898
CVE-2025-27898 affects IBM DB2 Recovery Expert for LUW, version 5.5 Interim Fix 002. The issue is that sessions are not invalidated after a timeout, which could allow an authenticated user to impersonate another user on the system. Root cause is a lack of session invalidation after inactivity. Im...
CVE-2025-27899 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...
CVE-2025-27899 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...
CVE-2025-27899
CVE-2025-27899 affects IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002. Connected sources confirm that sensitive information is disclosed via an environment variable, which could aid in subsequent attacks. The NVD/IBM metadata lists CVSSv3.1 metrics (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) with ...
CVE-2025-27900
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...
CVE-2025-27900 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...
CVE-2025-27900 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...
CVE-2025-27900
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 is affected by an open redirect vulnerability that could allow a remote attacker to perform phishing by spoofing the URL and redirecting users to a malicious site. Affected component: DB2 Recovery Expert for LUW 5.5 Interim Fix 002. Underlying i...
CVE-2025-27901 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...
CVE-2025-27901 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...
CVE-2025-27901
CVE-2025-27901 affects IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002. The vulnerability stems from improper validation of input in the HOST header, enabling HTTP header injection. This could allow an attacker to perform cross-site scripting, cache poisoning, or session hijacking against the...