Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

NVD
NVDadded 2026/03/10 8:16 p.m.0 views

CVE-2025-36227

IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijackin...

5.4CVSS0.00012EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/10 7:57 p.m.2 views

CVE-2025-36227 Multiple vulnerabilities in IBM Aspera Faspex

IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijackin...

5.4CVSS5.7AI score0.00012EPSS
Exploits0References1
NVD
NVDadded 2025/12/26 3:15 p.m.1 views

CVE-2025-36228

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...

3.8CVSS0.00011EPSS
Exploits0References1
NVD
NVDadded 2025/12/26 3:15 p.m.2 views

CVE-2025-36229

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers...

4.3CVSS0.00008EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/10/10 2:26 p.m.2 views

CVE-2023-37401

IBM Aspera Faspex 5.0.0 through 5.0.13.1 uses a cross-domain policy file that includes domains that should not be trusted...

5.3CVSS6.7AI score0.00032EPSS
Exploits0References1
OSV
OSVadded 2025/04/13 12:15 p.m.1 views

CVE-2025-3423

IBM Aspera Faspex 5.0.0 through 5.0.11 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score
Exploits0References1
CNNVD
CNNVDadded 2025/04/13 12:0 a.m.2 views

IBM Aspera Faspex 跨站脚本漏洞

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person file delivery and collaboration. A cross-site scripting vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.11, which stems from a cross-site scripting attack that could lead to...

5.4CVSS5.8AI score0.00214EPSS
Exploits0References3
OSV
OSVadded 2025/01/29 5:15 p.m.2 views

CVE-2023-37413

IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy...

5.3CVSS5.7AI score0.00114EPSS
Exploits0References1
OSV
OSVadded 2024/04/19 4:15 p.m.3 views

CVE-2023-37396

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671...

5.5CVSS5.8AI score
Exploits0References2
OSV
OSVadded 2022/05/24 10:15 p.m.1 views

CVE-2022-22497

IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951...

7.5CVSS5.8AI score0.00286EPSS
Exploits0References2
Rows per page
Query Builder