Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product General Parallel File System
Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1431 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 4.6 MEDIUM 7.8 HIGH
A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.
CVE-2017-1654 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 2.1 LOW 3.3 LOW
IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378.
CVE-2016-2984 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 6.9 MEDIUM 7.0 HIGH
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.
CVE-2016-2985 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 6.9 MEDIUM 7.0 HIGH
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program.
CVE-2016-6115 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 9.0 HIGH 7.2 HIGH
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.
CVE-2015-4974 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 7.2 HIGH N/A
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.
CVE-2015-4981 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 2.1 LOW N/A
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.
CVE-2015-7403 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-02-04 2.1 LOW 4.0 MEDIUM
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
CVE-2016-0361 1 Ibm 1 General Parallel File System 2024-02-04 4.0 MEDIUM 6.5 MEDIUM
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords.
CVE-2015-1890 1 Ibm 1 General Parallel File System 2024-02-04 3.5 LOW N/A
/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.
CVE-2015-0197 1 Ibm 1 General Parallel File System 2024-02-04 7.2 HIGH N/A
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.
CVE-2015-0198 1 Ibm 1 General Parallel File System 2024-02-04 10.0 HIGH N/A
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.
CVE-2015-0199 1 Ibm 1 General Parallel File System 2024-02-04 4.9 MEDIUM N/A
The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls.
CVE-2014-0834 1 Ibm 1 General Parallel File System 2024-02-04 4.0 MEDIUM N/A
IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program.