Vulnerabilities > IBM > Aspera Shares > 1.9.15

DATE CVE VULNERABILITY TITLE RISK
2025-03-07 CVE-2025-0162 XXE vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
7.1
2025-02-05 CVE-2024-38316 Unspecified vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service.
network
low complexity
ibm
6.5
6.5
2025-02-05 CVE-2024-38318 Cross-site Scripting vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
6.1
6.1
2025-02-05 CVE-2024-56472 Unspecified vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
5.4