VYPR

General Parallel File System

by IBM

CVEs (15)

  • CVE-2016-0392HigJun 19, 2016
    risk 0.55cvss 8.4epss 0.01

    IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a…

  • CVE-2015-7430HigJan 2, 2016
    risk 0.55cvss 8.4epss 0.01

    The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecified vectors.

  • CVE-2016-6115HigFeb 1, 2017
    risk 0.47cvss 7.2epss 0.04

    IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.

  • CVE-2016-2985HigNov 25, 2016
    risk 0.46cvss 7.0epss 0.00

    IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program.

  • CVE-2016-2984HigNov 25, 2016
    risk 0.46cvss 7.0epss 0.00

    IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.

  • CVE-2016-0263HigJun 29, 2016
    risk 0.46cvss 7.0epss 0.00

    IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.

  • CVE-2016-0361MedAug 8, 2016
    risk 0.42cvss 6.5epss 0.02

    IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated…

  • CVE-2015-7403MedJan 2, 2016
    risk 0.26cvss 4.0epss 0.00

    IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.

  • CVE-2015-4981Oct 26, 2015
    risk 0.00cvss epss 0.00

    IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.

  • CVE-2015-4974Oct 26, 2015
    risk 0.00cvss epss 0.01

    IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.

  • CVE-2015-1890Apr 6, 2015
    risk 0.00cvss epss 0.01

    /usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive…

  • CVE-2015-0199Mar 24, 2015
    risk 0.00cvss epss 0.00

    The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls.

  • CVE-2015-0198Mar 24, 2015
    risk 0.00cvss epss 0.04

    IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.

  • CVE-2015-0197Mar 24, 2015
    risk 0.00cvss epss 0.00

    IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.

  • CVE-2014-0834Feb 4, 2014
    risk 0.00cvss epss 0.01

    IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program.