263 matches found

IBM Security Bulletins
added 2025/06/30 1:36 p.m. · 7 views

Security Bulletin: Vulnerabilities in libssh affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in the libssh component affect IBM Storage Virtualize products and could cause denial of service and confidentiality impacts. CVE-2023-1667 CVE-2023-2283. Vulnerability Details CVEID:CVE-2023-1667 DESCRIPTION: A NULL pointer dereference was found in libssh during re-keying...

CVSS 6.5 · AI score 7.2 · EPSS 0.01094
Exploits: 2 · Affected Software: 5

RedhatCVE
added 2025/05/23 2:28 a.m. · 3 views

CVE-2023-27870

IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518...

CVSS 7.5 · AI score 6.1 · EPSS 0.00314
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 12:58 a.m. · 12 views

CVE-2022-43873

An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847...

CVSS 8.8 · AI score 7 · EPSS 0.00508
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 12:57 a.m. · 14 views

CVE-2022-43870

IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540...

CVSS 6.5 · AI score 6.2 · EPSS 0.00328
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 12:47 a.m. · 6 views

CVE-2022-39167

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408...

CVSS 5.9 · AI score 5.9 · EPSS 0.00266
Exploits: 0 · References: 1

IBM Security Bulletins
added 2025/05/05 6:34 a.m. · 16 views

Security Bulletin: FreeType versions 2.13.0 and below may lead to remote code execution for IBM Storage Virtualize vSphere Remote Plug-in (CVE-2025-27363)

Summary IBM Storage Virtualize vSphere Remote Plug-in virtual appliance runs an NGINX container built on a Debian-based image that uses a vulnerable version of the FreeType library 2.13.0 or earlier. This version is affected by CVE-2025-27363, a critical vulnerability that may allow remote code...

CVSS 8.1 · AI score 8.1 · EPSS 0.70344
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2025/04/29 10:53 p.m. · 49 views

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

CVSS 9.8 · AI score 9.8 · EPSS 0.51266
Exploits: 9 · Affected Software: 10

IBM Security Bulletins
added 2025/04/29 2:16 a.m. · 31 views

Security Bulletin: Vulnerability in remote support authentication affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in the challenge / response authentication mechanism used by IBM remote support may allow unauthorized access as credentials can be reused on the product's management GUI. Vulnerability Details CVEID:CVE-2021-38969 DESCRIPTION: IBM Spectrum Virtualize could allow an attack...

CVSS 9.8 · AI score 7.7 · EPSS 0.00189
Exploits: 0 · Affected Software: 10

OSV
added 2025/03/21 4:15 p.m. · 2 views

CVE-2023-43029

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...

CVSS 6.8 · AI score 5.8
Exploits: 0 · References: 1

Cvelist
added 2025/03/21 3:33 p.m. · 9 views

CVE-2023-43029 IBM Storage Virtualize vSphere Remote Plug-in information disclosure

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...

CVSS 6.8 · EPSS 0.0006
Exploits: 0 · References: 1

Vulnrichment
added 2025/03/21 3:33 p.m. · 5 views

CVE-2023-43029 IBM Storage Virtualize vSphere Remote Plug-in information disclosure

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...

CVSS 6.8 · AI score 6.6 · EPSS 0.0006
Exploits: 0 · References: 1

CVE
added 2025/03/21 3:33 p.m. · 51 views

CVE-2023-43029

CVE-2023-43029 affects IBM Storage Virtualize vSphere Remote Plug-in (versions 1.0 and 1.1). Root cause described in IBM security bulletin: credentials used for vSphere admin and registration may be exposed in the plugin support package after deployment, enabling a remote user to obtain sensitive...

CVSS 7.5 · AI score 6.1 · EPSS 0.0006
Exploits: 0 · References: 1 · Affected Software: 1

IBM Security Bulletins
added 2025/03/21 6:43 a.m. · 13 views

Security Bulletin: After deploying IBM Storage Virtualize vSphere Remote Plug-in, credentials used for vSphere admin and registration with IBM Storage Virtualize products may be exposed in the plugin support package (CVE-2023-43029)

Summary The credentials-encrypted key is not unique across all IBM Storage Virtualize vSphere Remote Plugin virtual machine instances deployed from Fix Central via OVA. It is possible that the credentials for IBM FlashSystem, IBM SAN Volume Controller, IBM Storwize, vSphere admin, and...

CVSS 7.5 · AI score 6 · EPSS 0.0006
Exploits: 0 · Affected Software: 1

Positive Technologies
added 2025/03/21 12:00 a.m. · 7 views

PT-2025-12432 · Ibm · Ibm Storage Virtualize Vsphere Remote Plug-In

Name of the Vulnerable Software and Affected Versions: IBM Storage Virtualize vSphere Remote Plug-in versions 1.0 through 1.1 Description: The issue allows a remote user to obtain sensitive credential information after deployment. Recommendations: For versions 1.0 and 1.1, consider restricting...

CVSS 7.5 · AI score 7 · EPSS 0.0006
Exploits: 0 · References: 9

CNNVD
added 2025/03/21 12:00 a.m. · 1 views

IBM Storage Virtualize vSphere Remote Plug-in security vulnerability

IBM Storage Virtualize vSphere Remote Plug-in is a vSphere remote plug-in for storage virtualization from International Business Machines IBM. It can be used to remotely manage and configure IBM Storage Virtualization resources. A security vulnerability exists in IBM Storage Virtualize vSphere...

CVSS 7.5 · AI score 6.2 · EPSS 0.0006
Exploits: 0 · References: 2

IBM Security Bulletins
added 2025/02/26 3:47 p.m. · 32 views

Security Bulletin: Vulnerabilities in bind and dnsmasq affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in bind and dnsmasq affect IBM Storage Virtualize products and could cause denial of service. CVE-2022-2795 CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 CVE-2023-4408 CVE-2023-5517 CVE-5679 CVE-2023-6516 CVE-2023-50387 CVE-2023-50868. Vulnerability Details CVEID:CVE-2022-2795...

CVSS 7.5 · AI score 8.2 · EPSS 0.43215
Exploits: 1 · Affected Software: 5

IBM Security Bulletins
added 2025/02/26 3:42 p.m. · 12 views

Security Bulletin: Vulnerability in nghttp2 affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in nghttp2 affects IBM Storage Virtualize products and could cause denial of service. CVE-2024-28182. Vulnerability Details CVEID:CVE-2024-28182 DESCRIPTION: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to versio...

CVSS 5.3 · AI score 5.5 · EPSS 0.24971
Exploits: 1 · Affected Software: 8

IBM Security Bulletins
added 2025/02/26 3:36 p.m. · 16 views

Security Bulletin: Vulnerability in the Linux kernel affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in the Linux kernel affects IBM Storage Virtualize products and could cause side-channel leakage. CVE-2023-6240. Vulnerability Details CVEID:CVE-2023-6240 DESCRIPTION: Linux Kernel could allow a remote attacker to obtain sensitive information, caused by a Marvin...

CVSS 6.5 · AI score 6.6 · EPSS 0.00074
Exploits: 0 · Affected Software: 8

IBM Security Bulletins
added 2025/02/19 10:44 a.m. · 14 views

Security Bulletin: Vulnerability in python-dns affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in python-dns affects IBM Storage Virtualize products and could cause denial of service. CVE-2023-29483. Vulnerability Details CVEID:CVE-2023-29483 DESCRIPTION: Dnspython is vulnerable to a denial of service, caused by a flaw in stub resolver when a bad-in-some-way respons...

CVSS 7 · AI score 7.1 · EPSS 0.08388
Exploits: 1 · Affected Software: 10

IBM Security Bulletins
added 2025/02/03 10:34 p.m. · 105 views

Security Bulletin: Recommended mitigation for SSH "Terrapin" vulnerability in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary The SSH "Terrapin" vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products when using the [email protected] cipher. This cipher can be disabled with a chsecurity command to fix the vulnerability. Vulnerability Details...

CVSS 5.9 · AI score 7 · EPSS 0.51662
Exploits: 4 · Affected Software: 10