Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aspera faspex vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-47986
IBM Aspera Faspex 4.4.2 Patch Level 1 and previous versions could allow a remote malicious user to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execu...
Ibm Aspera Faspex
Ibm Aspera Faspex 4.4.2
4 Github repositories
1 Article
5.4
CVSSv3
CVE-2023-22868
IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.
Ibm Aspera Faspex
Ibm Aspera Faspex 4.4.1
7.5
CVSSv3
CVE-2023-27871
IBM Aspera Faspex 4.4.2 could allow a remote malicious user to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.
Ibm Aspera Faspex
Ibm Aspera Faspex 4.4.2
6.5
CVSSv3
CVE-2023-27873
IBM Aspera Faspex 4.4.2 could allow a remote authenticated malicious user to obtain sensitive credential information using specially crafted XML input. IBM X-Force ID: 249654.
Ibm Aspera Faspex
Ibm Aspera Faspex 4.4.2
8.8
CVSSv3
CVE-2023-27874
IBM Aspera Faspex 4.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands. IBM X-Force ID: 249845.
Ibm Aspera Faspex
Ibm Aspera Faspex 4.4.2
7.5
CVSSv3
CVE-2022-22497
IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.
Ibm Aspera Faspex 5.0.0
Ibm Aspera Faspex 4.4.1
6.5
CVSSv3
CVE-2024-45096
IBM Aspera Faspex 5.0.0 up to and including 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.
Ibm Aspera Faspex
7.1
CVSSv3
CVE-2024-45097
IBM Aspera Faspex 5.0.0 up to and including 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
Ibm Aspera Faspex
8.1
CVSSv3
CVE-2024-45098
IBM Aspera Faspex 5.0.0 up to and including 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
Ibm Aspera Faspex
7.5
CVSSv3
CVE-2023-30995
IBM Aspera Faspex 4.0 up to and including 4.4.2 and 5.0 up to and including 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268.
Ibm Aspera Faspex
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
adobe
CVE-2024-9201
CVE-2024-9680
CVE-2024-9808
CVE-2024-9794
dos
remote attackers
commerce
CVE-2024-45129
overflow
CVE-2024-43572
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »