Lucene search
K

12 matches found

CNVD
CNVD
added 2024/09/09 12:0 a.m.10 views

IBM Aspera Security Bypass Vulnerability (CNVD-2024-38533)

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A security bypass vulnerability exists in IBM Aspera versions 5.0.0 through 5.0.9, which can be exploited by an attacker to bypass intended access restriction...

7.1CVSS6.6AI score0.00308EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/09 12:0 a.m.7 views

IBM Aspera User Enumeration Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A user enumeration vulnerability exists in IBM Aspera Orchestrator version 4.0.1. The vulnerability stems from a significant difference between valid and...

5.3CVSS6.6AI score0.00471EPSS
Exploits0References1
CNVD
CNVD
added 2023/06/06 12:0 a.m.13 views

IBM Aspera Connect and IBM Aspera Cargo Buffer Overflow Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A buffer overflow vulnerability exists in IBM Aspera Connect and IBM Aspera Cargo, which originates from a boundary check error and can be exploited by an...

8.4CVSS8.1AI score0.00235EPSS
Exploits0References1
CNVD
CNVD
added 2023/06/06 12:0 a.m.17 views

IBM Aspera Cargo and IBM Aspera Connect Information Disclosure Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect, which can be exploited by attackers to cause unauthorized...

7.5CVSS6.2AI score0.00545EPSS
Exploits0References1
Saint
Saint
added 2023/04/13 12:0 a.m.228 views

IBM Aspera Faspex YAML deserialization

Added: 04/13/2023 Background IBM Aspera Faspex is a centralized, high-speed transfer solution using the FASP protocol. Problem A YAML deserialization vulnerability allows remote attackers to execute arbitrary commands by sending a POST request for relaypackage with specially crafted JSON content...

8.4AI score
Exploits0
Saint
Saint
added 2023/04/13 12:0 a.m.243 views

IBM Aspera Faspex YAML deserialization

Added: 04/13/2023 Background IBM Aspera Faspex is a centralized, high-speed transfer solution using the FASP protocol. Problem A YAML deserialization vulnerability allows remote attackers to execute arbitrary commands by sending a POST request for relaypackage with specially crafted JSON content...

8.4AI score
Exploits0
CNVD
CNVD
added 2023/04/06 12:0 a.m.14 views

IBM Aspera Cargo and IBM Aspera Connect Code Execution Vulnerability (CNVD-2023-76771)

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A code execution vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect that originates from a boundary check error and can be exploited by an attack...

9.8CVSS8.3AI score0.00656EPSS
Exploits0References1
CNVD
CNVD
added 2023/04/06 12:0 a.m.17 views

IBM Aspera Cargo and IBM Aspera Connect Code Execution Vulnerabilities

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A code execution vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect that originates from a boundary check error and can be exploited by an attack...

9.8CVSS7.8AI score0.00656EPSS
Exploits0References1
CNVD
CNVD
added 2023/02/21 12:0 a.m.27 views

IBM Aspera Faspex Cross-Site Scripting Vulnerability

IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines IBM. IBM Aspera Faspex version 4.4.1 contains a cross-site scripting vulnerability, which stems from a cross-site scripting vulnerability that could be exploited by an attacker ...

5.4CVSS2.2AI score0.00405EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/26 12:0 a.m.24 views

IBM Aspera Access Control Error Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from the U.S. IBM Aspera Faspex versions 4.4.1 and 5.0.0 have an access control error vulnerability that stems from a miscalculated security token, which could be exploited by an attacker for...

7.5CVSS4.8AI score0.01105EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/18 12:0 a.m.13 views

IBM Aspera High-Speed Transfer信息泄露漏洞

IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...

4.3CVSS3.6AI score0.00676EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/27 12:0 a.m.28 views

IBM Aspera Cross-Site Scripting Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from IBM U.S. A cross-site scripting vulnerability exists in IBM Aspera Cloud, which could be exploited by an attacker to embed arbitrary JavaScript code in the Web UI to alter the intended...

6.4CVSS2.5AI score0.0048EPSS
Exploits0References1
Rows per page
Query Builder