📦 Aspera Console

CVE-2025-13379 is a SQL injection vulnerability in IBM Aspera Console versions 3.4.0 through 3.4.8 that allows remote attackers to execute arbitrary SQL commands. This could enable attackers to read, ...

This CSV injection vulnerability in IBM Aspera Console allows authenticated attackers to execute arbitrary code on affected systems by tricking users into opening malicious files. It affects IBM Asper...

CVE-2022-43842 is a SQL injection vulnerability in IBM Aspera Console versions 3.4.0 through 3.4.2 that allows remote attackers to execute arbitrary SQL commands. This could enable attackers to view, ...

IBM Aspera Console 3.4.0 contains a cross-site scripting (XSS) vulnerability that allows attackers to inject malicious JavaScript into the web interface. This could enable session hijacking, credentia...

IBM Aspera Console 3.4.7 stores sensitive information in log files that could be accessed by local privileged users. This vulnerability allows attackers with local system access to potentially obtain ...

IBM Aspera Console versions 3.4.0 through 3.4.4 use weak cryptographic algorithms that could allow attackers to decrypt sensitive data. This affects organizations using these specific versions of IBM'...

IBM Aspera Console versions 3.4.0 through 3.4.4 are vulnerable to HTTP header injection due to improper validation of HOST headers. This allows attackers to inject malicious HTTP headers, potentially ...

IBM Aspera Console versions 3.4.0 through 3.4.2 PL5 contain a cross-site scripting (XSS) vulnerability that allows authenticated users to inject malicious JavaScript into the web interface. This could...