IBM Aspera Faspex 安全漏洞

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person file delivery and collaboration. A security vulnerability exists in IBM Aspera Faspex 5 5.0.14.1 and prior versions, which originates from a remote attacker who can inject malicious HTML code th...

IBM Aspera Faspex 安全漏洞

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person document delivery and collaboration. A security vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.13.1 that stems from a cross-domain policy file containing domains that shoul...

EUVD-2023-39899

Malicious code in bioql PyPI...

IBM Aspera Faspex Code Issue Vulnerability

IBM Aspera Faspex is IBM's high-performance file transfer solution designed to transfer large files quickly and reliably. A security vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.12.1, which stems from insufficient client-side enforcement of server-side security mechanisms...

CVE-2023-27871

IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613...

CVE-2025-33136

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data...

IBM Aspera Faspex Log Message Disclosure Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A log information disclosure vulnerability exists in IBM Aspera Faspex, which can be exploited by an attacker to obtain sensitive information...

IBM Aspera 安全漏洞

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An input validation error vulnerability exists in IBM Aspera Faspex versions 5.0.0 and 5.0.1, which stems from incorrect input validation of the HOST header a...

IBM Aspera Faspex Information Disclosure Vulnerability (CNVD-2023-76768)

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera Faspex, which can be exploited by attackers to obtain sensitive information...

IBM Aspera Security Vulnerability

IBM Aspera is a suite of fast file transfer and streaming solutions from International Business Machines IBM built on the IBM FASP protocol. A security vulnerability exists in IBM Aspera Faspex versions prior to 5.0.6 that stems from a vulnerability that could allow a malicious actor to bypass IP...

IBM Aspera Security Vulnerability

IBM Aspera is a suite of fast file transfer and streaming solutions from International Business Machines IBM built on the IBM FASP protocol. A security vulnerability exists in IBM Aspera Faspex version 5.0.5, which stems from a vulnerability that could allow a remote attacker to collect or persua...

IBM Aspera 安全漏洞

IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines IBM. IBM Aspera Faspex version 5.0.4 is vulnerable to an access control error, which stems from the existence of improper access control of the application. An authenticated...

IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks

A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization...

CVE-2022-47986

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. T...