Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-36440
IBM Concert 1.0.0 through 2.2.0 could allow a local user to obtain sensitive information due to missing function level access control.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-03-25
CVE-2025-64646
IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not properly clearing resources.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-03-25
CVE-2025-64647
IBM Concert 1.0.0 through 2.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
CVSS Score
5.9
EPSS Score
0.0
Published
2026-03-25
CVE-2025-64648
IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-03-25
CVE-2025-14912
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-25
CVE-2025-14915
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-25
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-03-25
CVE-2025-14974
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR).
CVSS Score
5.7
EPSS Score
0.0
Published
2026-03-25
CVE-2025-36258
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-03-25
CVE-2025-14807
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved