Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-27904
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-17
CVE-2025-13108
IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an attacker to access sensitive information in memory due to the buffer not properly clearing resources.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-02-17
CVE-2025-27898
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-02-17
CVE-2023-38265
IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-17
CVE-2026-26731
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the routernamer`parameter in the formDnsv6 function.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-17
CVE-2026-26732
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the vpnUser or vpnPassword` parameters in the formFilter function.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-17
CVE-2026-26736
TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the formIpv6Setup function.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-17
CVE-2025-36018
IBM Concert 1.0.0 through 2.1.0 for Z hub componentĀ is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-17
CVE-2025-36019
IBM Concert 1.0.0 through 2.1.0 for Z hub framework is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
6.1
EPSS Score
0.001
Published
2026-02-17
CVE-2024-43178
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved