Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43882

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.01633EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:17 a.m.41 views

Security Bulletin: Directory traversal attack in IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2022-40608)

Summary The IBM Spectrum Protect Plus Microsoft File Systems restore operation is vulnerable to a directory traversal attack which can result in gaining access to unauthorized files . Vulnerability Details CVEID:CVE-2022-40608 DESCRIPTION: IBM Spectrum Protect Plus Microsoft File Systems restore...

7.5CVSS7.4AI score0.01633EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/27 8:34 a.m.42 views

Security Bulletin: Vulnerabilities in Jinja, idna & cryptography can affect IBM Storage Protect Plus Microsoft File Systems Backup and Restore

Summary IBM Storage Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in Jinja, idna & cryptography which include cross-site scripting & a denial of service, as described by the CVEs in the "Vulnerability Details" section. These vulnerabilities have been...

7.5CVSS7.7AI score0.01386EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/02 11:47 a.m.30 views

Security Bulletin: Vulnerabilities in urllib3, Python and Tornado can affect IBM Storage Protect Plus Microsoft File Systems Backup and Restore [CVE-2023-43804,CVE-2023-40217,263690]

Summary IBM Storage Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in urllib3, Python and Tornado which include obtaining sensitive information, bypass security restrictions and bypass web application firewall protection, and conduct XSS attacks, as...

8.1CVSS6.6AI score0.01207EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/19 9:3 a.m.139 views

Security Bulletin: Vulnerabilities in Flask and Pallets Werkzeug may affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2023-30861, CVE-2023-25577, CVE-2023-23934)

Summary IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in Flask and Pallets Werkzeug include obtain sensitive information, denial of service attacks and bypass security restrictions, as described by the CVEs in the "Vulnerability Details"...

7.5CVSS6.9AI score0.0142EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 10:43 a.m.70 views

Security Bulletin: Vulnerabilities in Certifi, Setuptools and Python may affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2022-23491, CVE-2022-40897, CVE-2022-45061)

Summary IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in Certifi, Setuptools and Python. Vulnerabilities include error with TurstCor's owenership of certificates and denial of service attacks, as described by the CVEs in the "Vulnerability...

7.5CVSS7.3AI score0.02617EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/09 9:48 a.m.17 views

Security Bulletin: Vulnerability in Python Cryptographic Authority cryptography affects IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore

Summary IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore may be affected by a Python Cryptographic Authority cryptography buffer overflow vulnerability has been addressed. Vulnerability Details IBM X-Force ID: 239927 DESCRIPTION: Python Cryptographic Authority cryptography is...

8.3AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/12 12:0 a.m.7 views

The vulnerability of the backup and recovery functions of Microsoft File Systems for the IBM Spectrum Protect Plus data protection software allows a perpetrator to disclose protected information.

The vulnerability of the backup and recovery functions of Microsoft’s file systems in the IBM Spectrum Protect Plus data protection platform is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to...

5.9CVSS6.5AI score0.01633EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/09/19 6:15 p.m.24 views

CVE-2022-40608

IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access...

7.5CVSS0.01633EPSS
Exploits0References2
Prion
Prion
added 2022/09/19 6:15 p.m.19 views

Directory traversal

IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access...

5CVSS7.1AI score0.01633EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/19 5:25 p.m.22 views

CVE-2022-40608

IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access...

5.9CVSS7.2AI score0.01633EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/17 1:49 p.m.53 views

Security Bulletin: Vulnerability in Pallets Werkzeug may affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2022-29361)

Summary HTTP request smuggling vulnerability in Pallets Werkzeug can affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore. Vulnerability Details CVEID:CVE-2022-29361 DESCRIPTION: Pallets Werkzeug is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP...

9.8CVSS8.9AI score0.07663EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/01 9:12 a.m.31 views

Security Bulletin: Vulnerability in Urllib3 affects IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2021-33503)

Summary Denial of Service vulnerability in Urllib3 may affect IBM Spectrum Protect Plus Microsoft® File Systems backup and restore. Vulnerability Details CVEID: CVE-2021-33503 DESCRIPTION: urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw du...

7.5CVSS1.4AI score0.03273EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/28 8:41 p.m.59 views

Security Bulletin: Vulnerabilities in Python, Tornado, and Urllib3 affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore

Summary IBM Spectrum Protect Plus Microsoft® File Systems backup and restore may be affected by vulnerabilities in Python, Tornado. and Urllib3 such as server-side request forgery, HTTP response splitting, buffer overflow, and man-in-the-middle attacks. Vulnerability Details CVEID: CVE-2021-29921...

9.8CVSS1.2AI score0.23293EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/24 6:15 a.m.22 views

Security Bulletin: Information Disclosure in IBM Spectrum Protect Plus Microsoft File Systems backup and restore log files (CVE-2021-20536)

Summary IBM Spectrum Protect Plus Microsoft® File Systems backup and restore log files may contain sensitive information. Vulnerability Details CVEID: CVE-2021-20536 DESCRIPTION: IBM Spectrum Protect Plus File Systems Agent stores potentially sensitive information in log files that could be read ...

6.2CVSS0.6AI score0.00266EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/24 6:7 a.m.31 views

Security Bulletin: Vulnerability in Python affects IBM Spectrum Protect Plus Microsoft File Systems backup and restore (CVE-2020-25659)

Summary Vulnerability in python-cryptography may affect IBM Spectrum Protect Plus Microsoft® File Systems backup and restore. Vulnerability Details CVEID: CVE-2020-25659 DESCRIPTION: python-cryptography could allow a remote attacker to obtain sensitive information, caused by a Bleichenbacher timi...

5.9CVSS0.6AI score0.02454EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/04 6:34 a.m.35 views

Security Bulletin: Vulnerability in Urllib3 affects IBM Spectrum Protect Container and Microsoft File Systems Agents (CVE-2020-26137)

Summary Urllib3 is vulnerable to CRLF injection which could allow a remote attacker to perform cross-site scripting, cache poisoning, or session hijacking attacks. This vulnerability may affect the IBM Spectrum Protect Plus Container agent for Kubernetes and the IBM Spectrum Protect Plus Microsof...

6.5CVSS1.3AI score0.02269EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/04 6:2 a.m.25 views

Security Bulletin: Vulnerability in PyYAML affects IBM Spectrum Protect Plus Container and Microsoft File Systems Agents (CVE-2020-1747)

Summary There is a vulnerability in PyYAML that could allow a remote attacker to execute arbitrary code on the system. This vulnerability may affect the IBM Spectrum Protect Plus Container agent for Kubernetes and the IBM Spectrum Protect Plus Microsoft® Windows File Systems agent. Vulnerability...

10CVSS2.5AI score0.05299EPSS
Exploits1Affected Software1
Rows per page
Query Builder