Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Management GUI and/or system health monitoring are now fixed in 5.2.3.7 or higher and 6.0.0.2 or higher

Summary The following vulnerabilities, which can affect IBM Storage Scale Management GUI and/or system health monitoring and could provide weaker-than-expected security, are now fixed in Storage Scale 5.2.3.7 or higher or 6.0.0.2 or higher. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION:...

Security Bulletin: A vulnerability has been identified in IBM Elastic Storage System 3000 GUI where an unauthorised user can execute commands (CVE-2020-4348)

Summary A security vulnerability has been identified in IBM Elastic Storage System 3000 GUI that could allow an unauthorised user to execute commands . A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4348 DESCRIPTION: IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 an...

Security Bulletin: IBM Elastic Storage System 3000 are affected by a vulnerability in IBM Spectrum Scale (CVE-2020-4412)

Summary Elastic Storage System 3000 is affected by a vulnerability in IBM Spectrum Scale which could cause a denial of service. Vulnerability Details CVEID: CVE-2020-4412 DESCRIPTION: The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a...

Security Bulletin: A vulnerability has been identified in IBM Elastic Storage System GUI where authorised user can execute unauthorized function (CVE-2020-4378)

Summary A security vulnerability has been identified in all levels of IBM Elastic Storage System 3000 GUI. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4378 DESCRIPTION: IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to...

Security Bulletin: IBM Elastic Storage System 3000 GUI is affected by verbose error message (CVE-2020-4357)

Summary A security vulnerability has been identified in all levels of IBM Elastic Storage System 3000 GUI. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4357 DESCRIPTION: IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitiv...

OpenEMR <= 6.0.0.2 XSS Vulnerability

OpenEMR is prone to an cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr";...

Security Bulletin: Apache Commons Codec Vulnerability Affects IBM Control Center

Summary Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...

Security Bulletin: Multiple Java Vulnerabilities Impact IBM Control Center

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. These issues were disclosed as part of the IBM Java SDK updates in July 2020 Vulnerability Details CVEID: CVE-2020-14578 DESCRIPTION: An unspecified...

CVE-2019-13932

A vulnerability has been identified in XHQ All versions V6.0.0.2. The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack cou...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Administrator (CVE-2015-0488, CVE-2015-1916)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 that is used by Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVEID: CVE-2015-0488 DESCRIPTION: An...

The Serv-U 6.0.0.2 Default Account and password little understood-vulnerability warning-the black bar safety net

Today, get a webshell. Find the serv-u directory. See ServUDaemon. ini GLOBAL Version=6.0.0.2 OpenFilesDownloadMode=Exclusive PacketTimeOut=3 0 0 LocalSetupPassword=ah6A0ED50ADD0A516DA36992DB43F3AA39 6.0.0.2 version. Once saw which said 6. 0 version of the default local administrative account and...