Lucene search
K

1411 matches found

CNNVD
CNNVD
added 2026/03/17 12:0 a.m.12 views

IBM DB2 Recovery Expert 安全漏洞

IBM DB2 Recovery Expert is a database recovery tool developed by IBM. Version 5.5 IF 2 of IBM Db2 Recovery Expert contains a security vulnerability. This vulnerability stems from an insecure mechanism used to verify data integrity during transmission, which could allow attackers to modify or...

9.1CVSS5.8AI score0.00152EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/16 9:36 p.m.6 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a denial of service vulnerability due to jose4j (CVE-2024-29371)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a denial of service vulnerability due to jose4j. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

7.5CVSS7.3AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/09 3:12 p.m.4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-14923)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security when using the Security Utility to administer security settings. Vulnerability Details Refer to the security...

9.8CVSS5.8AI score0.00173EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 3:3 p.m.6 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2025-12635, CVE-2025-14914. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere...

7.6CVSS6AI score0.0039EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/19 1:28 a.m.10 views

CVE-2025-27899

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...

5.3CVSS5.4AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 1:28 a.m.6 views

CVE-2025-27904

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

6.5CVSS5.5AI score0.00112EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 1:27 a.m.11 views

CVE-2025-27898

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system...

6.3CVSS5.5AI score0.00154EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/18 11:30 a.m.24 views

Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow traditional - CVE-2025-46392

Summary IBM Business Automation Workflow embedded Navigator packages a vulnerable version of Apache commons-configuration. Vulnerability Details CVEID:CVE-2025-46392 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in...

6.5CVSS6.3AI score0.01663EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/02/17 10:18 p.m.12 views

CVE-2025-33135

IBM Financial Transaction Manager for ACH Services and Check Services for Multi-Platform 3.0.0.0 through 3.0.5.4 Interim Fix 027 IBM Financial Transaction Manager for Check Services v3 Multiplatforms is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to...

6.1CVSS0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 9:37 p.m.6 views

CVE-2025-33135 IBM Financial Transaction Manager for ACH Services and Check Services is impacted by multiple vulnerabilities

IBM Financial Transaction Manager for ACH Services and Check Services for Multi-Platform 3.0.0.0 through 3.0.5.4 Interim Fix 027 IBM Financial Transaction Manager for Check Services v3 Multiplatforms is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to...

6.1CVSS5.1AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 8:22 p.m.3 views

CVE-2025-27900

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...

6.1CVSS5.6AI score0.00137EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 8:22 p.m.5 views

CVE-2025-27899

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 8:22 p.m.5 views

CVE-2025-27904

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

6.5CVSS0.00112EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 8:22 p.m.4 views

CVE-2025-27904

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

6.5CVSS5.7AI score0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 8:22 p.m.10 views

CVE-2025-27898

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system...

6.3CVSS0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 7:50 p.m.27 views

CVE-2025-27899 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...

5.3CVSS0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 7:48 p.m.5 views

CVE-2025-27900

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...

6.8CVSS5.5AI score0.00137EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/17 7:35 p.m.7 views

CVE-2025-27901

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...

6.5CVSS5.4AI score0.00168EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/17 7:30 p.m.5 views

CVE-2025-27904

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

6.5CVSS5.5AI score0.00112EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.9 views

PT-2026-20243

Name of the Vulnerable Software and Affected Versions IBM Financial Transaction Manager for ACH Services and Check Services for Multi-Platform versions 3.0.0.0 through 3.0.5.4 Interim Fix 027 Description The software is susceptible to cross-site scripting. An unauthenticated attacker can embed...

6.1CVSS5.1AI score0.00172EPSS
Exploits0References4
Rows per page
Query Builder