CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/02/17 7:48 p.m.•22 views

CVE-2025-27900 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...

6.8CVSS0.00039EPSS

ATTACKERKB•added 2026/02/17 7:48 p.m.•2 views

CVE-2025-27900

6.8CVSS5.5AI score0.00039EPSS

ATTACKERKB•added 2026/02/17 7:35 p.m.•3 views

CVE-2025-27901

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...

6.5CVSS5.4AI score0.00052EPSS

Vulnrichment•added 2026/02/17 7:35 p.m.•3 views

CVE-2025-27901 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

6.5CVSS5.4AI score0.00052EPSS

Cvelist•added 2026/02/17 7:35 p.m.•23 views

CVE-2025-27901 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

6.5CVSS0.00052EPSS

CVE•added 2026/02/17 7:35 p.m.•5 views

CVE-2025-27901

IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header injection (improper validation of HOST headers). Exploitation could enable cross-site scripting, cache poisoning, or session hijacking. Affected product/version: DB2 Recovery Expert for LUW 5.5 IF 2. Remediation: upg...

6.5CVSS5.4AI score0.00052EPSS

ATTACKERKB•added 2026/02/17 7:32 p.m.•4 views

CVE-2025-27903

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transmits data in a cleartext communication channel that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS5.5AI score0.00016EPSS

Vulnrichment•added 2026/02/17 7:32 p.m.•3 views

CVE-2025-27903 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

5.9CVSS5.5AI score0.00016EPSS

CVE•added 2026/02/17 7:32 p.m.•5 views

CVE-2025-27903

CVE-2025-27903 affects IBM Db2 Recovery Expert for Linux, UNIX and Windows (DB2 Recovery Expert for LUW, 5.5 IF 2). The IBM bulletin states the vulnerability allows a remote attacker to obtain sensitive information by transmitting data in a cleartext channel (man-in-the-middle risk). Base score 5...

5.9CVSS5.5AI score0.00016EPSS

Cvelist•added 2026/02/17 7:30 p.m.•22 views

CVE-2025-27904 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

6.5CVSS0.00019EPSS

ATTACKERKB•added 2026/02/17 7:30 p.m.•3 views

CVE-2025-27904

6.5CVSS5.5AI score0.00019EPSS

Vulnrichment•added 2026/02/17 7:30 p.m.•2 views

CVE-2025-27904 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

6.5CVSS5.4AI score0.00019EPSS

CVE•added 2026/02/17 7:30 p.m.•6 views

CVE-2025-27904

CVE-2025-27904 is a CSRF vulnerability in IBM Db2 Recovery Expert for LUW. Affected product: DB2 Recovery Expert for Linux, UNIX and Windows (5.5 IF 2). Description confirms that an attacker could trigger malicious actions transmitted from a trusted user session due to cross-site request forgery....

6.5CVSS5.5AI score0.00019EPSS

Cvelist•added 2026/02/17 7:14 p.m.•33 views

CVE-2025-33130 Fixes to common vulnerabilities found in IBM Db2 Merge Backup for Linux, UNIX and Windows

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack...

6.5CVSS0.00062EPSS

CVE•added 2026/02/17 7:14 p.m.•8 views

CVE-2025-33130

IBM Db2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 is affected by CVE-2025-33130 due to a buffer being overwritten on the stack, allowing an authenticated user to crash the program. The root cause is a stack-allocated buffer overwrite, leading to a possible denial of service without remote...

Vulnrichment•added 2026/02/17 7:14 p.m.•3 views

CVE-2025-33130 Fixes to common vulnerabilities found in IBM Db2 Merge Backup for Linux, UNIX and Windows

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack...

Vulnrichment•added 2026/02/17 7:13 p.m.•4 views

CVE-2025-33124 Fixes to common vulnerabilities found in IBM Db2 Merge Backup for Linux, UNIX and Windows

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to the incorrect calculation of a buffer size...

Cvelist•added 2026/02/17 7:13 p.m.•22 views

CVE-2025-33124 Fixes to common vulnerabilities found in IBM Db2 Merge Backup for Linux, UNIX and Windows

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to the incorrect calculation of a buffer size...

6.5CVSS0.00062EPSS

CVE•added 2026/02/17 7:13 p.m.•5 views

CVE-2025-33124

CVE-2025-33124 affects IBM Db2 Merge Backup for Linux, UNIX and Windows v12.1.0.0. An authenticated user can crash the program due to an incorrect calculation of a buffer size in the affected component. The vulnerability is described in IBM’s bulletin and Red Hat/NVD entries, with an exploit path...