205 matches found
QNAP operating system 代码问题漏洞
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
CVE-2025-36088 IBM TS4500 cross-site scripting
IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...
The vulnerability of the MFlash secure data exchange platform, related to authentication errors, allows attackers to escalate their privileges.
The vulnerability of the MFlash secure data exchange platform is related to authentication errors. Exploiting this vulnerability allows a malicious actor to enhance their privileges and use the file storage system beyond the architectural limitations by intercepting API responses...
CVE-2022-43869
IBM Spectrum Scale 5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1 and IBM Elastic Storage System 6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1 could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539...
Dell PowerScale OneFS Authorization Logic Error Vulnerability
PowerScale OneFS is a distributed storage operating system developed by Dell to provide unified file system management and high availability services for enterprise-class storage environments. Dell PowerScale OneFS suffers from an authorization logic error vulnerability that stems from not proper...
FAST LTA Silent Brick WebUI 安全漏洞
The FAST LTA Silent Brick WebUI is a web-based user interface for a Silent Brick data storage system from FAST LTA. A security vulnerability exists in FAST LTA Silent Brick WebUI versions prior to 2.63, which stems from reflective cross-site scripting and could allow an attacker to inject malicio...
The vulnerability of the QuTS operating systems and QTS network devices involves an improper definition of symbolic links before accessing files. This allows attackers to execute arbitrary code and elevate their privileges to the root level.
The vulnerability of the QuTS operating systems and QTS network devices involves an improper definition of symbolic links before accessing files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and elevate their privileges to the root level...
QNAP Systems QTS 安全漏洞
QNAP Systems QTS is an entry-level operating system from China's Weilian Technology QNAP Systems. A security vulnerability exists in QNAP Systems QTS prior to version 5.2.1.2930 build 20241025 and prior to QuTS hero h5.2.1.2929 build 20241025, which stems from a buffer duplication vulnerability...
Security Bulletin: There are multiple vulnerabilities in IBM WebSphere Application Server that can affect IBM Elastic Storage System that are now included
Summary There are multiple vulnerabilities in IBM WebSphere Application Server, used by IBM Storage Scale Elastic Storage System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-25026 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0...
WBSAirback Code Execution Vulnerability
WBSAirback is a next generation storage and backup system from WBSAirback. A code execution vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to execute arbitrary code...
WBSAirback cross-site scripting vulnerability (CNVD-2024-27121)
WBSAirback is a next generation storage and backup system from WBSAirback. A cross-site scripting vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload...
PT-2024-4538 · Qnap · Qnap Qts +1
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.7.2770 build 20240520 QNAP QuTS hero versions prior to h5.1.7.2770 build 20240520 Description: A buffer copy without checking the size of input issue has been reported, potentially allowing authenticated users t...
The vulnerability of the svc_topstats utility in the Dell Unity Operating Environment (OE) system allows a hacker to overwrite any files with root privileges.
The vulnerability of the svctopstats utility in the Dell Unity Operating Environment OE storage system exists because measures to neutralize special elements used in the operating system commands have not been taken. Exploiting this vulnerability could allow a malicious individual to rewrite any...
The vulnerability of the svc_cbr utility in the operating system for Dell Unity Operating Environment storage systems allows a perpetrator to execute arbitrary operating system commands.
The vulnerability of the svccbr utility in the Dell Unity Operating Environment OE storage system exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerability can allow an attacker to execute arbitrary operating...
WBSAirback Code Execution Vulnerability (CNVD-2024-27125)
WBSAirback is a next generation storage and backup system from WBSAirback. A code execution vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to execute arbitrary code...
IBM DS8900F HMC 信息泄露漏洞
The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. An information disclosure vulnerability exists in the IBM DS8900F HMC, which can be exploited by an attacker to read arbitrary files after...
IBM DS8900F HMC 安全漏洞
The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. The IBM DS8900F HMC suffers from an arbitrary file deletion vulnerability that can be exploited by an attacker to arbitrarily delete files...
The vulnerability of the file loading function of the corporate cloud storage system HGiga OAKlouds allows a attacker to execute arbitrary code.
The vulnerability of the file loading function of the corporate cloud storage system HGiga OAKlouds relates to the unlimited loading of dangerous types of files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a specially crafted file...
QNAP Multiple Products Path Traversal Vulnerability
QNAP Systems QTS is an operating system used by China Weilian Technology QNAP Systems for entry to mid-level QNAP NAS. A path traversal vulnerability exists in multiple QNAP products that stems from the presence of a path traversal vulnerability. The vulnerability could allow an authenticated...
CVE-2023-46742
CubeFS is an open-source cloud-native file storage system. CubeFS prior to version 3.3.1 was found to leak users secret keys and access keys in the logs in multiple components. When CubeCS creates new users, it leaks the users secret key. This could allow a lower-privileged user with access to th...