Lucene search
K

23 matches found

Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7539

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QuTS hero...

8.1CVSS5.9AI score0.00398EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/02 12:0 a.m.4 views

QNAP Systems QTS和QNAP Systems QuTS hero 缓冲区错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both a software with data storage and management capabilities from QNAP Systems, Inc. of Taiwan, China. A buffer error vulnerability exists in QNAP Systems QTS and QNAP Systems QuTS hero that originates from an out-of-bounds read and could result in...

6.9CVSS6.7AI score0.00286EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/26 1:58 p.m.23 views

CVE-2025-36192 Missing Authorization with the DS8900F and DS8A00 Hardware Management Console

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

6.7CVSS0.00105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:18 a.m.5 views

CVE-2023-30434

IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...

6.2CVSS6.2AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.2 views

Dell Unity 操作系统命令注入漏洞

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...

7.8CVSS8AI score0.0055EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/12 3:44 p.m.57 views

Security Bulletin: Vulnerability with Perl, Snappy, Psf Request, spring-web-5.3.33.jar , Apache HTTP Server, OpenJDK, affect IBM Cloud Object Storage Systems (July 2024v1)

Summary Vulnerability with Perl CVE-2023-47038, Snappy CVE-2024-36124, Psf Request CVE-2024-35195, spring-web-5.3.33.jar CVE-2024-22262 , Apache HTTP Server, CVE-2024-24795, CVE-2023-38709 OpenJDK CVE-2024-21094, CVE-2024-21011, CVE-2024-21085, CVE-2024-21068, CVE-2024-21012,. This vulnerability...

8.1CVSS8.1AI score0.03914EPSS
Exploits2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.5 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.00665EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/04/16 12:0 a.m.6 views

The vulnerability of the operating environment for managing and maintaining the Dell Unity Operating Environment (DELL Unity Operating Environment) relates to the lack of protection for SQL query structures, which allows attackers to exploit the protected information.

The vulnerability of the operating environment for managing and maintaining Dell Unity Operating Environment OE storage systems is related to the lack of protection for SQL query structures. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

6.8CVSS6.6AI score0.00421EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 4:4 p.m.43 views

Security Bulletin: Vulnerability with Kernel affect IBM Cloud Object Storage Systems (Jan 2024v1)

Summary Vulnerability with Kernel - CVE-2023-45871 This vulnerability has been addressed in the latest ClevOS releases Vulnerability Details CVEID:CVE-2023-45871 DESCRIPTION: Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by the IGB driver in...

7.5CVSS8.9AI score0.00544EPSS
Exploits0Affected Software1
Fedora
Fedora
added 2023/10/24 1:13 a.m.46 views

[SECURITY] Fedora 37 Update: fbthrift-2023.10.16.00-1.fc37

Thrift is a serialization and RPC framework for service communication. Thrift enables these features in all major languages, and there is strong support for C++, Python, Hack, and Java. Most services at Facebook are written using Thri ft for RPC, and some storage systems use Thrift for serializin...

7.5CVSS8.7AI score0.99999EPSS
Exploits19
OSV
OSV
added 2023/05/05 3:15 p.m.2 views

CVE-2023-30434

IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...

5.5CVSS6.1AI score0.00205EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/05 12:0 a.m.8 views

PT-2023-22688 · Ibm · Ibm Elastic Storage System +1

Name of the Vulnerable Software and Affected Versions: IBM Storage Scale versions 5.1.0.0 through 5.1.6.1 IBM Elastic Storage Systems versions 6.1.0.0 through 6.1.6.0 Description: The issue could allow a local user to cause a kernel panic. Recommendations: For IBM Storage Scale versions 5.1.0.0...

6.2CVSS5.1AI score0.00205EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/26 3:17 a.m.42 views

Security Bulletin: Configuring Volume Throttling on Storwize V3500, V3700, V5000 and V7000 (Gen 2) with V7.5.0.0-V7.5.0.2 may cause a loss of access to data

Summary Abstract Changing the volume throttling attribute on a Storwize V3500, V3700, V5000 or V7000 Gen 2 system with V7.5.0.0-V7.5.0.2 may cause node canisters in the system to go offline with a node error 564, requiring manual recovery. Content Vulnerability Details Abstract Changing the volum...

2.1AI score
Exploits0
hivepro
hivepro
added 2023/01/30 1:10 p.m.6 views

Cyber Attack on Ukrainian National Information Agency

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary On 17th January 2023, the Ukrainian National Information Agency "Ukrinform" suffered a partial cyber attack. The Government Computer Emergency Response Team of Ukraine CERT-UA initiated an investigation...

2.9AI score
Exploits0
Fedora
Fedora
added 2022/12/04 1:1 a.m.26 views

[SECURITY] Fedora 36 Update: qpress-20220819-1.fc36

qpress is a portable file archiver using QuickLZ and designed to utilize fast storage systems to their max. It's often faster than file copy because the destination is smaller than the source...

5.3CVSS5.2AI score0.01299EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/12/04 12:0 a.m.12 views

Fedora: Security Advisory for qpress (FEDORA-2022-e19ca639ef)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS5.4AI score0.01299EPSS
Exploits1References2
Veeam
Veeam
added 2021/10/13 12:0 a.m.16 views

Veeam Verified: Primary Storage for Continuous Data Protection (CDP) with VMware VVOL

Purpose This article lists storage systems that Veeam has tested for use with VMware VVOL and Veeam's Continuous Data Protection CDP Replication. Tested Alliance Vendor Product Lines Cisco FlashStack based on Pure Storage FlashArray Cisco FlexPod based on NetApp ONTAP Cisco SmarStack based on HPE...

6.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/03/20 12:0 a.m.4 views

The vulnerability of the weblogin.cgi component in NAS (Network Attached Storage) storage systems and micro-programming software for Ethernet interfaces of UTM, ATP, and VPN devices allows a hacker to execute arbitrary code.

The vulnerability of the weblogin.cgi component in NAS Network Attached Storage storage systems and microprogramming software for Ethernet interfaces of UTM, ATP, and VPN devices is related to errors during the verification of the username parameter. Exploiting this vulnerability allows a malicio...

10CVSS8.5AI score0.99988EPSS
Exploits2References5
Veeam
Veeam
added 2019/01/22 12:0 a.m.20 views

Performance Impacts of Deduplicated Storage Systems

To learn about Deduplication Appliance Best Practices, visit KB1745. Challenge The following Veeam technologies are dependent on primary backup storage random I/O performance: Instant Recovery VM/Disk/NAS/Databases Windows and Linux File Level Recovery Application Restore Cloud Tiering Cloud...

5.6AI score
Exploits0Affected Software1
CNVD
CNVD
added 2018/05/18 12:0 a.m.4 views

Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-111112)

IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...

5.3CVSS6.7AI score0.01363EPSS
Exploits2References1
Rows per page
Query Builder