PT-2026-7539

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QuTS hero...

QNAP Systems QTS和QNAP Systems QuTS hero 缓冲区错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both a software with data storage and management capabilities from QNAP Systems, Inc. of Taiwan, China. A buffer error vulnerability exists in QNAP Systems QTS and QNAP Systems QuTS hero that originates from an out-of-bounds read and could result in...

CVE-2025-36192 Missing Authorization with the DS8900F and DS8A00 Hardware Management Console

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

CVE-2023-30434

IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...

Dell Unity 操作系统命令注入漏洞

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...

Security Bulletin: Vulnerability with Perl, Snappy, Psf Request, spring-web-5.3.33.jar , Apache HTTP Server, OpenJDK, affect IBM Cloud Object Storage Systems (July 2024v1)

Summary Vulnerability with Perl CVE-2023-47038, Snappy CVE-2024-36124, Psf Request CVE-2024-35195, spring-web-5.3.33.jar CVE-2024-22262 , Apache HTTP Server, CVE-2024-24795, CVE-2023-38709 OpenJDK CVE-2024-21094, CVE-2024-21011, CVE-2024-21085, CVE-2024-21068, CVE-2024-21012,. This vulnerability...

Security Bulletin: Vulnerability with Kernel affect IBM Cloud Object Storage Systems (Jan 2024v1)

Summary Vulnerability with Kernel - CVE-2023-45871 This vulnerability has been addressed in the latest ClevOS releases Vulnerability Details CVEID:CVE-2023-45871 DESCRIPTION: Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by the IGB driver in...

[SECURITY] Fedora 37 Update: fbthrift-2023.10.16.00-1.fc37

Thrift is a serialization and RPC framework for service communication. Thrift enables these features in all major languages, and there is strong support for C++, Python, Hack, and Java. Most services at Facebook are written using Thri ft for RPC, and some storage systems use Thrift for serializin...

CVE-2023-30434

IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...

PT-2023-22688 · Ibm · Ibm Elastic Storage System +1

Name of the Vulnerable Software and Affected Versions: IBM Storage Scale versions 5.1.0.0 through 5.1.6.1 IBM Elastic Storage Systems versions 6.1.0.0 through 6.1.6.0 Description: The issue could allow a local user to cause a kernel panic. Recommendations: For IBM Storage Scale versions 5.1.0.0...

Security Bulletin: Configuring Volume Throttling on Storwize V3500, V3700, V5000 and V7000 (Gen 2) with V7.5.0.0-V7.5.0.2 may cause a loss of access to data

Summary Abstract Changing the volume throttling attribute on a Storwize V3500, V3700, V5000 or V7000 Gen 2 system with V7.5.0.0-V7.5.0.2 may cause node canisters in the system to go offline with a node error 564, requiring manual recovery. Content Vulnerability Details Abstract Changing the volum...

Cyber Attack on Ukrainian National Information Agency

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary On 17th January 2023, the Ukrainian National Information Agency "Ukrinform" suffered a partial cyber attack. The Government Computer Emergency Response Team of Ukraine CERT-UA initiated an investigation...

[SECURITY] Fedora 36 Update: qpress-20220819-1.fc36

qpress is a portable file archiver using QuickLZ and designed to utilize fast storage systems to their max. It's often faster than file copy because the destination is smaller than the source...

Fedora: Security Advisory for qpress (FEDORA-2022-e19ca639ef)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Veeam Verified: Primary Storage for Continuous Data Protection (CDP) with VMware VVOL

Purpose This article lists storage systems that Veeam has tested for use with VMware VVOL and Veeam's Continuous Data Protection CDP Replication. Tested Alliance Vendor Product Lines Cisco FlashStack based on Pure Storage FlashArray Cisco FlexPod based on NetApp ONTAP Cisco SmarStack based on HPE...

Performance Impacts of Deduplicated Storage Systems

To learn about Deduplication Appliance Best Practices, visit KB1745. Challenge The following Veeam technologies are dependent on primary backup storage random I/O performance: Instant Recovery VM/Disk/NAS/Databases Windows and Linux File Level Recovery Application Restore Cloud Tiering Cloud...

Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-111112)

IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...

SambaCry, the Seven Year Old Samba Vulnerability, is the Next Big Threat (for now)

As Samba is used as part of many organizations storage systems, we will discuss the impact of the vulnerability on organizations and home users...

quantumstoragesystems.ca XSS vulnerability

Vulnerable URL: http://www.quantumstoragesystems.ca/search.php?query="submit=Search=1 Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 12:37 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

Unable to Delete Credentials

Challenge When attempting to delete credentials from the credentials manager, a message box states: Unable to delete credentials because they are currently in use. See details for more info. Cause You cannot delete a record that is already used for any component in the backup infrastructure...