Lucene search
+L

808 matches found

ibm
ibm
added 5 days ago13 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...

7.8CVSS6.6AI score0.96267EPSS
Exploits230Affected Software1
ibm
ibm
added 2026/07/04 1:34 a.m.11 views

Security Bulletin: Due to IBM Storage Scale, IBM Cloud Pak System is affected by multiple vulnerabilities [CVE-2025-48976, CVE-2025-30204, CVE-2025-1137].

Summary Execute privileged command and denial of service vulnerabilities found in IBM Storage Scale previously known as IBM Spectrum Scale affect IBM Cloud Pak System. These vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1 and IBM Cloud Pak System v2.3.5.1 Vulnerability Details...

8.8CVSS7.1AI score0.64718EPSS
Exploits1Affected Software2
ibm
ibm
added 2026/06/30 11:9 a.m.6 views

Security Bulletin: Due to use of IBM Storage Scale, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary Vulnerabilities found in IBM Storage Scale affect IBM Cloud Pak System. These vulnerabilities were addressed in IBM Cloud Pak System v2.3.5.1. Vulnerability Details CVEID:CVE-2025-55163 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to versions...

8.8CVSS6AI score0.02164EPSS
Exploits3Affected Software3
ibm
ibm
added 2026/06/26 5:3 p.m.5 views

Security Bulletin: Vulnerabilities in Spring Security, Handlebars, Apache MINA and Apache Tomcat might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring Security, Handlebars, Apache MINA and Apache Tomcat. Vulnerabilities include an authorization bypass, providing the power necessary to let users build semantic templates, allowing arbitrary code to be...

9.8CVSS6.5AI score0.0178EPSS
Exploits5Affected Software1
ibm
ibm
added 2026/06/26 5:3 p.m.3 views

Security Bulletin: Vulnerabilities in jackson-core and UUID might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in jackson-core and UUID. Vulnerabilities include jackson-core will throw a StreamConstraintsException if the limit is reached, vulnerable to a Denial of Service DoS attack and making unexpected writes when...

8.7CVSS5.8AI score0.00634EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/06/26 4:53 p.m.3 views

Security Bulletin: Vulnerabilities in lodash, cryptography and axios might affect IBM Storage Defender Sentinel Anomaly Scan Engine.

Summary IBM Storage Defender Sentinel Anomaly Scan Engine can be affected by lodash, cryptography and axios. Vulnerabilities include allowing an attacker to perform prototype pollution, create buffer overflows, improper validation of certificates and connect to internal services. More details are...

9.8CVSS7.7AI score0.01735EPSS
Exploits5Affected Software1
ibm
ibm
added 2026/06/26 10:31 a.m.10 views

Security Bulletin: Due to use of IBM Storage Scale , IBM Cloud Pak System is affected by multiple vulnerabilities

Summary Multiple vulnerabilities in IBM Storage Scale which could provide weaker than expected security were addressed in IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp wi...

7.5CVSS6.8AI score0.99019EPSS
Exploits14Affected Software1
ibm
ibm
added 2026/06/26 6:8 a.m.3 views

Security Bulletin: Vulnerabilities in cryptography, pyOpenSSL & golang affect IBM Storage Protect Plus

Summary IBM Storage Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in pyOpenSSL & cryptography. IBM Storage Protect Plus Guest Applications is affected by vulnerabilities in golang Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a...

9.8CVSS5.9AI score0.02593EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/06/25 6:37 p.m.7 views

Security Bulletin: Vulnerabilities in Spring, Tomcat, Netty, Picomatch might affect IBM Storage Protect Plus

Summary IBM Storage Protect Plus can be affected by vulnerabilities in Spring, Tomcat, Netty, Picomatch . Vulnerabilities include stack-based buffer overflow, improper encoding or escaping of output, deserialization of untrusted data, improper restriction of operations within the bounds of a memo...

9.1CVSS7.3AI score0.0504EPSS
Exploits4Affected Software1
ibm
ibm
added 2026/06/22 9:4 p.m.11 views

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Container Storage Interface (CSI) are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher

Summary The following vulnerabilities, which can affect IBM Storage Scale Container Storage Interface CSI CVE-2026-9167 are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 or higher and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher. Vulnerability Details...

5.9AI score
Exploits0Affected Software1
nvd
nvd
added 2026/06/22 4:16 p.m.14 views

CVE-2026-12628

IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager FCM authentication mechanism. The application contains a...

9.1CVSS0.00357EPSS
Exploits0References1
cve
cve
added 2026/06/22 1:43 p.m.28 views

CVE-2026-12628

CVE-2026-12628 affects IBM Storage Protect Client (8.1.0.0–8.2.1.0) and IBM Storage Protect Snapshot for Windows (8.1.0.0–8.2.1.0). The IBM security bulletin confirms a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism and multiple authentication code paths, enabling re...

9.1CVSS6AI score0.00357EPSS
Exploits0References1Affected Software1
ibm
ibm
added 2026/06/05 7:44 p.m.12 views

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Management GUI, Cluster Export Services (CES) S3 or HDFS layer are now fixed in 5.2.3.8 and 6.0.1.0 or higher

Summary The following vulnerabilities, which can affect IBM Storage Scale Management GUI jackson-core-2.17.2.jar, CVE-2026-2950, CVE-2026-4800, Cluster Export Service CES S3 CVE-2026-33186 or HDFS layer for Hadoop deployments CVE-2026-24281, CVE-2026-24308 are now fixed in 5.2.3.8 and 6.0.1.0 or...

9.8CVSS6.7AI score0.01735EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/05/18 5:24 p.m.22 views

Security Bulletin: Storage Virtualize Ansible Collection is affected by a vulnerability in the paramiko package

Summary Storage Virtualize Ansible Collection uses the paramiko package to provide common ssh capability. paramiko-4.0.0-py3-none-any.whl is vulnerable to CVE-2026-44405. Vulnerability Details CVEID:CVE-2026-44405 DESCRIPTION: In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1...

3.4CVSS5.8AI score0.00114EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/05/05 6:22 p.m.30 views

Security Bulletin: Vulnerabilities in Spring WebFlux, Jenkins, Spring Securiy, Spring Framework, and Node.js lodash might affect IBM Storage Defender Copy Data Management.

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring WebFlux, Jenkins, Spring Securiy, Spring Framework, and Node.js lodash. Vulnerabilities include an attacker, local attacker, remote attacker and authenticated attacker could exploit these vulnerabilitie...

9.8CVSS8.7AI score0.2241EPSS
Exploits16Affected Software1
ibm
ibm
added 2026/05/04 4:20 p.m.11 views

Security Bulletin: Vulnerabilities in Apache Tomcat might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat. Vulnerabilities include Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token and...

7.5CVSS5.8AI score0.00469EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/05/04 4:20 p.m.16 views

Security Bulletin: Vulnerabilities in Apache Tomcat and Lodash might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat and Lodash. Vulnerabilities include Improper Input Validation vulnerability in Apache Tomcat, Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apach...

9.1CVSS7.3AI score0.00715EPSS
Exploits2Affected Software1
euvd
euvd
added 2026/04/23 12:31 a.m.7 views

EUVD-2026-25136

IBM Total Storage Service Console TSSC / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input...

7.3CVSS6.1AI score0.0034EPSS
Exploits0References2
ibm
ibm
added 2026/04/21 7:28 a.m.5 views

Security Bulletin: IBM Storage Protect Operations Center is affected by vulnerabilities in the dojo-profile library that could allow prototype pollution or improper handling of crafted PNG inputs (CVE-2021-23450, CVE-2008-6681, CVE-2010-2273).

Summary IBM Storage Protect Operations Center uses the dojo-profile library in certain components. Vulnerabilities in this library may allow prototype pollution or improper handling of specially crafted PNG files, which could lead to memory corruption or denial-of-service conditions in applicatio...

9.8CVSS6.8AI score0.30367EPSS
Exploits3Affected Software1
ibm
ibm
added 2026/04/10 2:40 p.m.6 views

Security Bulletin: Vulnerabilities in Apache Tomcat and hoek might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat and hoek. Vulnerabilities include Relative Path Traversal vulnerability in Apache Tomcat, Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat, Improper...

9.6CVSS7.1AI score0.66535EPSS
Exploits4Affected Software1
Rows per page
Query Builder