Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Aspera Streaming Security Vulnerabilities

cve
cve

CVE-2020-4432

Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.

7.5CVSS

7.8AI Score

0.001EPSS

2020-06-10 01:15 PM
26
cve
cve

CVE-2020-4433

Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID:...

7.5CVSS

7.8AI Score

0.005EPSS

2020-06-10 01:15 PM
31
cve
cve

CVE-2020-4434

Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-...

7.5CVSS

7.8AI Score

0.002EPSS

2020-06-10 01:15 PM
23
cve
cve

CVE-2020-4435

Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180...

7.5CVSS

7.8AI Score

0.001EPSS

2020-06-10 01:15 PM
25
cve
cve

CVE-2020-4436

Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.

7.5CVSS

7.8AI Score

0.002EPSS

2020-06-10 01:15 PM
20
cve
cve

CVE-2021-38870

IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208343.

5.4CVSS

5.1AI Score

0.001EPSS

2021-09-23 06:15 PM
18
cve
cve

CVE-2023-27283

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.

5.3CVSS

6.4AI Score

0.0004EPSS

2024-05-04 02:16 PM
30
cve
cve

CVE-2023-27284

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

9.8CVSS

9.4AI Score

0.003EPSS

2023-04-02 09:15 PM
34
cve
cve

CVE-2023-27286

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

9.8CVSS

9.4AI Score

0.003EPSS

2023-04-02 09:15 PM
34
cve
cve

CVE-2023-37407

IBM Aspera Orchestrator 4.0.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 260116.

8.8CVSS

7.1AI Score

0.0004EPSS

2024-05-03 04:15 PM
45