Lucene search
+L

151 matches found

CVE
CVE
added 1 hour ago10 views

CVE-2026-13473

IBM Storage Protect Client 8.1.0.0 through 8.1.27.0, 8.1.27.1, and 8.2.0.0 through 8.2.1.0 IBM Storage Protect is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server ...

8.1CVSS6.5AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 6:8 a.m.4 views

Security Bulletin: Vulnerabilities in cryptography, pyOpenSSL & golang affect IBM Storage Protect Plus

Summary IBM Storage Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in pyOpenSSL & cryptography. IBM Storage Protect Plus Guest Applications is affected by vulnerabilities in golang Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a...

9.8CVSS5.9AI score0.02593EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 6:37 p.m.9 views

Security Bulletin: Vulnerabilities in Spring, Tomcat, Netty, Picomatch might affect IBM Storage Protect Plus

Summary IBM Storage Protect Plus can be affected by vulnerabilities in Spring, Tomcat, Netty, Picomatch . Vulnerabilities include stack-based buffer overflow, improper encoding or escaping of output, deserialization of untrusted data, improper restriction of operations within the bounds of a memo...

9.1CVSS7.3AI score0.0504EPSS
Exploits4Affected Software1
NVD
NVD
added 2026/06/22 4:16 p.m.14 views

CVE-2026-12628

IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager FCM authentication mechanism. The application contains a...

9.1CVSS0.00357EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 1:43 p.m.30 views

CVE-2026-12628

CVE-2026-12628 affects IBM Storage Protect Client (8.1.0.0–8.2.1.0) and IBM Storage Protect Snapshot for Windows (8.1.0.0–8.2.1.0). The IBM security bulletin confirms a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism and multiple authentication code paths, enabling re...

9.1CVSS6AI score0.00357EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/21 7:28 a.m.5 views

Security Bulletin: IBM Storage Protect Operations Center is affected by vulnerabilities in the dojo-profile library that could allow prototype pollution or improper handling of crafted PNG inputs (CVE-2021-23450, CVE-2008-6681, CVE-2010-2273).

Summary IBM Storage Protect Operations Center uses the dojo-profile library in certain components. Vulnerabilities in this library may allow prototype pollution or improper handling of specially crafted PNG files, which could lead to memory corruption or denial-of-service conditions in applicatio...

9.8CVSS6.8AI score0.30367EPSS
Exploits3Affected Software1
CNVD
CNVD
added 2026/04/10 12:0 a.m.11 views

IBM Storage Protect Server SQL Injection Vulnerability

IBM Storage Protect Server is an enterprise-class data backup and recovery management system from International Business Machines IBM. A SQL injection vulnerability exists in IBM Storage Protect Server version 8.2.0. The vulnerability stems from the application's lack of validation of externally...

8.8CVSS5.8AI score0.00253EPSS
Exploits0
NVD
NVD
added 2026/04/01 1:16 a.m.4 views

CVE-2025-13855

IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...

8.8CVSS0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 12:23 a.m.34 views

CVE-2025-13855 IBM Storage Protect Server is affected by a vulnerability that could allow authenticated users to access administrative metadata through the JSON-RPC endpoint .

IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...

7.6CVSS0.00253EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 3:38 a.m.8 views

Security Bulletin: Vulnerability in IBM Java, Websphere, OpenSSL, libcurl, and Apache Commons may affect IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management

Summary IBM Spectrum Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management can be affected by logging and security vulnerabilities. This update improves reliability of Java object property handling, modern logging frameworks and...

7.5CVSS7.8AI score0.66594EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 1:0 a.m.7 views

Security Bulletin: IBM Storage Protect Server is affected by vulnerabilities in IBM SDK, Java Technology Edition that could allow denial-of-service or information exposure in applications using the affected Java components.

Summary IBM Storage Protect Server is affected by multiple vulnerabilities in IBM SDK, Java Technology Edition may allow attackers to exploit weaknesses in certain Java components. These issues could lead to denial-of-service conditions or unintended information exposure in applications that rely...

7.5CVSS5.9AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 12:59 a.m.12 views

Security Bulletin:IBM Storage Protect Server is vulnerable to an unauthenticated attacker with network access via multiple protocols and TLS due to IBM SDK, Java (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925).

Summary IBM SDK, Java is vulnerable to unauthenticated attacker with network access via multiple protocols and TLS, IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of...

7.5CVSS5.8AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 12:56 a.m.5 views

Security Bulletin: IBM Storage Protect Operations Center is affected by a vulnerability in IBM WebSphere Application Server Liberty that could allow a security configuration attack (CVE-2025-12635).

Summary IBM Spectrum Protect Operations Center uses IBM WebSphere Application Server Liberty in certain components; a vulnerability in Liberty may allow a security configuration attack that could impact the security of the affected environment under specific conditions. Vulnerability Details...

5.4CVSS5.5AI score0.00141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 12:48 a.m.6 views

Security Bulletin: IBM Storage Protect Server is affected by vulnerabilities in the Eclipse Jetty web server library that could lead to denial-of-service due to issues in certificate and protocol handling (CVE-2024-6763, CVE-2024-8184).

Summary IBM Storage Protect Server uses the Eclipse Jetty web server library in certain components. Vulnerabilities related to certificate and protocol handling in the Jetty library may allow specially crafted requests to trigger denial-of-service conditions in applications using the affected...

6.5CVSS6.8AI score0.01037EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:24 a.m.11 views

CVE-2023-40368

IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456...

4.4CVSS5.9AI score0.00189EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/05 1:44 p.m.5 views

Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36047)

Summary IBM WebSphere Application Server Liberty is vulnerable to DoS by sending a specially-crafted request attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center Vulnerability Details CVEID:CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server...

7.5CVSS5.5AI score0.00451EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/05 1:43 p.m.5 views

Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang net library

Summary Golang net library is used by the IBM Storage Protect Server Object Agent and OSSM component. Golang net is vulnerable to IPv6 zone ID mishandling leading to proxy bypass, This bulletin identifies the steps to address the vulnerabilities. CVE-2025-22870. Vulnerability Details...

4.4CVSS6.6AI score0.00393EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/05 1:43 p.m.6 views

Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang crypto library

Summary Golang crypto library is used by the IBM Storage Protect Server Object Agent and OSSM component. Golang crypto is vulnerable to Denial of Service, This bulletin identifies the steps to address the vulnerabilities. CVE-2025-22869. Vulnerability Details CVEID:CVE-2025-22869 DESCRIPTION: SSH...

7.5CVSS6.5AI score0.00868EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/05 1:42 p.m.7 views

Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang glog library

Summary Golang glog library is used by the IBM Storage Protect Server OSSM component. Golang glog is vulnerable to improper handling of log file existence, This bulletin identifies the steps to address the vulnerabilities. CVE-2024-45339. Vulnerability Details CVEID:CVE-2024-45339 DESCRIPTION: Wh...

7.1CVSS7.5AI score0.0029EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/05 1:40 p.m.7 views

Security Bulletin: Cross Site Scripting vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36000)

Summary IBM WebSphere Application Server Liberty is vulnerable to stored cross-site scripting which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center Vulnerability Details CVEID:CVE-2025-36000 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through...

4.8CVSS5.8AI score0.00177EPSS
Exploits0Affected Software1
Rows per page
Query Builder