CVE-2025-36192

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

EUVD-2025-205442

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

CVE-2025-36192

CVE-2025-36192 affects IBM System Storage DS8000 family (DS8A00 with R10.0–R10.1 and DS8900F with R9.4). The root cause is missing authorization in Safeguarded Copy / GDPS logical corruption protection, enabling a local user with authorized CCW update permissions to delete or corrupt backups. IBM...

CVE-2025-36192 Missing Authorization with the DS8900F and DS8A00 Hardware Management Console

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

PT-2025-53585

Name of the Vulnerable Software and Affected Versions IBM DS8A00 versions 10.10.106.0 IBM DS8A00 versions 10.1.3.010.2.45.0 IBM DS8900F versions 89.40.83.089.42.18.089.44.5.0 Description IBM System Storage DS8000 may allow a local user with authorized CCW update permissions to delete or corrupt...

EUVD-2020-30846

SpinetiX Fusion Digital Signage 3.4.8 and lower contains an authenticated path traversal vulnerability that allows attackers to manipulate file backup and deletion operations through unverified input parameters. Attackers can exploit path traversal techniques in index.php to write backup files to...

EUVD-2022-3274

Malicious code in bioql PyPI...

CVE-2022-28527

dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...

Google Pixel: Cropped or edited images can be recovered

Most of us have a camera on us at all times, and so photo taking and image sharing has become almost ubiquitous. But when sharing an image, you want to have control over what you share. And that might lead you to crop images, or redact parts of them. Maybe you cropped out a person that didn't wan...

htmly 安全漏洞

HTMLy is a PHP-based open source blogging platform. A security vulnerability exists in htmly version 2.8.1, which stems from the vulnerability to arbitrary file deletion on the local host when deleting backup files in htmly 2.8.1. The vulnerability could allow a remote attacker to delete arbitrar...

VMware Carbon Black Threat Analysis: FTCODE Ransomware

FTCODE is a fully PowerShell-based ransomware. It is distributed via malicious document files that contain macros or using VBScript to download and launch the malicious PowerShell script. FTCODE ransomware will scan a specific list of file extensions and encrypt them with Rijndael algorithm. Othe...

Sodinokibi ransomware exploits WebLogic Server vulnerability

This blog was authored by Pierre Cadieux, Colin Grady, Jaeson Schultz and Matt Valites Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi." Sodinokibi attempts to encrypt data in a user's directory and...

CVE-2016-1502

NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors...

CVE-2016-1502

CVE-2016-1502 affects NetApp SnapCenter Server versions 1.0 and 1.0P1, where an attacker can remotely bypass authentication and subsequently list and delete backups via unspecified vectors. The NVD entry rates this as HIGH (CVSSv3 base 7.3) with network attack vector, no privileges required, and ...

ManageEngine ServiceDesk Plus 8.0.0 Build 8013 Improper User Privileges

No description provided by source. ================================================================================ Secur-I Research Group Security Advisory SRG-2011-002 ================================================================================ Title : ManageEngine ServiceDesk Plus Improper...

Transaction was deadlocked

When trying to delete backups in Veeam console, occur error "Transaction Process ID xx was deadlocked on lock."...

ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges

================================================================================ Secur-I Research Group Security Advisory SRG-2011-002 ================================================================================ Title : ManageEngine ServiceDesk Plus Improper User Privileges Management...

ManageEngine ServiceDesk Plus 8.0 Improper User Privileges

================================================================================ Secur-I Research Group Security Advisory SRG-2011-002 ================================================================================ Title : ManageEngine ServiceDesk Plus Improper User Privileges Management...