CVE-2023-49877

IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote authenticated user to obtain sensitive information, caused by improper filtering of URLs. By submitting a specially crafted HTTP GET request, an attacker could exploit this vulnerability to view...

EUVD-2025-205442

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

Security Bulletin: IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to denial of service due to jackson- core. WS-2022-0468.

Summary IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to denial of service due to jackson- core. WS-2022-0468. Vulnerability Details WSID: WS-2022-0468 DESCRIPTION: The jackson-core package is vulnerable to a Denial of Service DoS attac...

Security Bulletin: IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to an improper input validation vulnerability due to Apache Axis. CVE-2023-51441.

Summary IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to an improper input validation vulnerability due to Apache Axis. CVE-2023-51441. Vulnerability Details CVEID:CVE-2023-51441 DESCRIPTION: UNSUPPORTED WHEN ASSIGNED Improper Input...

EUVD-2008-3150

Malware in sbrugna...

EUVD-2012-2165

Malware in sbrugna...

EUVD-2021-25366

Malware in sbrugna...

EUVD-2014-3069

Malware in sbrugna...

EUVD-2012-2166

Malware in sbrugna...

EUVD-2024-19887

Malicious code in bioql PyPI...

EUVD-2025-19624

Malicious code in bioql PyPI...

EUVD-2025-19623

Malicious code in bioql PyPI...

EUVD-2023-53778

Malicious code in bioql PyPI...

CVE-2025-36056

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-36056

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141 IBM System Storage Virtualization Engine TS7700 cross-site scripting

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141

CVE-2025-2141 affects IBM System Storage Virtualization Engine TS7700 (models 3957-VED, 3948-VED, 3948-VEF) with firmware 8.54.2.17/8.60.0.115. The issue is a cross-site scripting vulnerability in the management Web UI that allows an authenticated user to embed arbitrary JavaScript, potentially l...