CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

197 matches found

IBM Security Bulletins•added 2025/11/26 12:5 p.m.•8 views

Security Bulletin: Vulnerability in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI and could cause a confidentiality impact. The Command Line Interface is unaffected. CVE-2025-30754. Vulnerability Details CVEID:CVE-2025-30754 DESCRIPTION: Vulnerability in the Oracle...

4.8CVSS5.5AI score0.00459EPSS

Exploits0Affected Software8

IBM Security Bulletins•added 2025/11/18 8:55 a.m.•3 views

Security Bulletin: Vulnerability in strongswan affects IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in the strongswan IKEv1 implementation affects IBM Storage Virtualize products and could cause a confidentiality impact. CVE-2025-36118. Vulnerability Details CVEID:CVE-2025-36118 DESCRIPTION: IBM Storage Virtualize IKEv1 implementation allows remote attackers to obtain...

7.5CVSS6.7AI score0.00044EPSS

Exploits0Affected Software8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-12043

Malware in sbrugna...

6.5CVSS6.9AI score0.00251EPSS

Exploits2References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-12354

Malware in sbrugna...

6.5CVSS6.6AI score0.00341EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-6209

Malware in sbrugna...

7.5CVSS6.4AI score0.00146EPSS

Exploits0References3

IBM Security Bulletins•added 2025/06/30 1:34 p.m.•5 views

Security Bulletin: Vulnerabilities in multiple components affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in netty-handler, python-dns, bind, kernel, openssl, net-snmp and libgcrypt components affect IBM Storage Virtualize products and could cause denial of service and confidentiality impacts. CVE-2024-35857 CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808...

8.8CVSS8.6AI score0.14584EPSS

Exploits2Affected Software5

RedhatCVE•added 2025/05/23 1:59 a.m.•3 views

CVE-2023-47700

IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote attacker to spoof a trusted system that would not be correctly validated by the Storwize server. This could lead to a user connecting to a malicious host, believing that it was a...

7.5CVSS6.4AI score0.00036EPSS

Exploits0References1

IBM Security Bulletins•added 2025/04/29 10:53 p.m.•49 views

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

9.8CVSS9.8AI score0.51266EPSS

Exploits9Affected Software10

IBM Security Bulletins•added 2025/04/29 2:16 a.m.•31 views

Security Bulletin: Vulnerability in remote support authentication affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in the challenge / response authentication mechanism used by IBM remote support may allow unauthorized access as credentials can be reused on the product's management GUI. Vulnerability Details CVEID:CVE-2021-38969 DESCRIPTION: IBM Spectrum Virtualize could allow an attack...

9.8CVSS7.7AI score0.00189EPSS

Exploits0Affected Software10

IBM Security Bulletins•added 2025/02/19 10:44 a.m.•14 views

Security Bulletin: Vulnerability in python-dns affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in python-dns affects IBM Storage Virtualize products and could cause denial of service. CVE-2023-29483. Vulnerability Details CVEID:CVE-2023-29483 DESCRIPTION: Dnspython is vulnerable to a denial of service, caused by a flaw in stub resolver when a bad-in-some-way respons...

7CVSS7.1AI score0.08388EPSS

Exploits1Affected Software10

IBM Security Bulletins•added 2025/02/03 10:34 p.m.•103 views

Security Bulletin: Recommended mitigation for SSH "Terrapin" vulnerability in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary The SSH "Terrapin" vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products when using the [email protected] cipher. This cipher can be disabled with a chsecurity command to fix the vulnerability. Vulnerability Details...

5.9CVSS7AI score0.54214EPSS

Exploits3Affected Software10

IBM Security Bulletins•added 2024/09/24 9:1 a.m.•40 views

Security Bulletin: Vulnerabilities in libmaxminddb, dnsmasq and bind affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem product

Summary Vulnerabilities in libmaxminddb, dnsmasq and bind affect IBM Storage Virtualize products and could cause impacts to integrity and availability. CVE-2023-50387 CVE-2023-50868 CVE-2020-28241 CVE-2023-4408. Vulnerability Details CVEID:CVE-2023-50387 DESCRIPTION: ISC BIND is vulnerable to a...

7.5CVSS9AI score0.43701EPSS

Exploits2Affected Software13

IBM Security Bulletins•added 2024/09/24 8:56 a.m.•36 views

Security Bulletin: Vulnerabilitiy in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. CVE-2024-21131. Vulnerability Details CVEID:CVE-2024-21131 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component...

3.7CVSS5.5AI score0.00442EPSS

Exploits0Affected Software10

IBM Security Bulletins•added 2024/06/19 5:53 p.m.•60 views

Security Bulletin: Vulnerabilities in Linux components affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in libssh, nginx and nghttp2 affect IBM Storage Virtualize products and could cause denial of service and bypassing of authentication. CVE-2023-44487, CVE-2023-1667, CVE-2023-2283. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a...

7.5CVSS8.3AI score0.944EPSS

Exploits21Affected Software13

IBM Security Bulletins•added 2024/06/19 3:29 p.m.•39 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in Apache Tomcat affect the product's management GUI, potentially allowing denial of service. The Command Line Interface is unaffected. CVE-2024-23672, CVE-2024-24549. Vulnerability Details CVEID:CVE-2024-23672 DESCRIPTION: Apache Tomcat is vulnerable to a denial of servic...

7.5CVSS7.4AI score0.64877EPSS

Exploits1Affected Software10

IBM Security Bulletins•added 2024/06/19 10:43 a.m.•26 views

Security Bulletin: A vulnerability in Transparent Cloud Tiering affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in netty-codec-http affects the Transparent Cloud Tiering function in IBM Storage Virtualize products. Most systems do not have Transparent Cloud Tiering configured. You can confirm by running the lsvolumebackup CLI command - if there is no output, then this feature is not...

5.3CVSS6.1AI score0.00343EPSS

Exploits1Affected Software10

IBM Security Bulletins•added 2024/05/01 10:52 a.m.•77 views

Security Bulletin: A vulnerability in the GUI affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary The certificate for a remote system in a policy-based replication partnership is not correctly validated in the GUI on IBM Storage Virtualize products. Vulnerability Details CVEID:CVE-2023-47700 DESCRIPTION: IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtuali...

7.5CVSS6.7AI score0.00036EPSS

Exploits0Affected Software10

IBM Security Bulletins•added 2024/05/01 10:50 a.m.•15 views

Security Bulletin: Vulnerabilities in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to...

5.9CVSS6AI score0.00172EPSS

Exploits0Affected Software10

IBM Security Bulletins•added 2024/05/01 9:28 a.m.•37 views

Security Bulletin: A vulnerability in Apache Struts affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in Apache Struts affects the product's management GUI. The Command Line Interface is unaffected CVE-2023-50164. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-50164 DESCRIPTION: Apache Struts could allow a remo...

9.8CVSS9.8AI score0.92896EPSS

Exploits15Affected Software13

IBM Security Bulletins•added 2024/04/30 4:46 p.m.•78 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products (CVE-2023-45648, CVE-2023-42795, CVE-2023-46589, CVE-2024-21733)

Summary A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing HTTP request smuggling and the obtaining of sensitive information. The Command Line Interface is unaffected. Vulnerability Details CVEID:CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to...

7.5CVSS7.3AI score0.70951EPSS

Exploits5Affected Software10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by