Aspera High-Speed Transfer

CVEs (10)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2026-8175	IBM Aspera High-Speed Transfer	Cri	0.64	9.8	—	May 27, 2026	IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be…
CVE-2026-8179	IBM Aspera High-Speed Transfer	Hig	0.57	8.8	—	May 27, 2026	IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could…
CVE-2026-8180	IBM Aspera High-Speed Transfer	Hig	0.49	7.5	—	May 27, 2026	IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An…
CVE-2026-9035	IBM Aspera High-Speed Transfer	Med	0.42	6.5	—	May 27, 2026	IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential arbitrary file read in the asperahttpd component. An…
CVE-2022-22391	IBM Aspera High-Speed Transfer		0.00	—	0.00	Apr 14, 2022	IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.
CVE-2020-4436	IBM Aspera Shares		0.00	—	0.00	Jun 10, 2020	Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.
CVE-2020-4435	IBM Aspera Shares		0.00	—	0.01	Jun 10, 2020	Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service.…
CVE-2020-4434	IBM Aspera Shares		0.00	—	0.01	Jun 10, 2020	Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http…
CVE-2020-4433	IBM Aspera Shares		0.00	—	0.04	Jun 10, 2020	Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to…
CVE-2020-4432	IBM Aspera Shares		0.00	—	0.01	Jun 10, 2020	Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.

CVE-2026-8175CriMay 27, 2026
IBM
Aspera High-Speed Transfer
risk 0.64cvss 9.8epss —
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be…
CVE-2026-8179HigMay 27, 2026
IBM
Aspera High-Speed Transfer
risk 0.57cvss 8.8epss —
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could…
CVE-2026-8180HigMay 27, 2026
IBM
Aspera High-Speed Transfer
risk 0.49cvss 7.5epss —
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An…
CVE-2026-9035MedMay 27, 2026
IBM
Aspera High-Speed Transfer
risk 0.42cvss 6.5epss —
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential arbitrary file read in the asperahttpd component. An…
CVE-2022-22391Apr 14, 2022
IBM
Aspera High-Speed Transfer
risk 0.00cvss —epss 0.00
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.
CVE-2020-4436Jun 10, 2020
IBM
Aspera Shares
risk 0.00cvss —epss 0.00
Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.
CVE-2020-4435Jun 10, 2020
IBM
Aspera Shares
risk 0.00cvss —epss 0.01
Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service.…
CVE-2020-4434Jun 10, 2020
IBM
Aspera Shares
risk 0.00cvss —epss 0.01
Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http…
CVE-2020-4433Jun 10, 2020
IBM
Aspera Shares
risk 0.00cvss —epss 0.04
Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to…
CVE-2020-4432Jun 10, 2020
IBM
Aspera Shares
risk 0.00cvss —epss 0.01
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.