Vulnerabilities > IBM > General Parallel File System > 3.5.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-25 | CVE-2016-2985 | Permissions, Privileges, and Access Controls vulnerability in IBM General Parallel File System and Spectrum Scale IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program. | 6.9 |
| 2016-11-25 | CVE-2016-2984 | Permissions, Privileges, and Access Controls vulnerability in IBM General Parallel File System and Spectrum Scale IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program. | 6.9 |
| 2015-10-26 | CVE-2015-4981 | Information Exposure vulnerability in IBM General Parallel File System and Spectrum Scale IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors. | 2.1 |
| 2015-10-26 | CVE-2015-4974 | Command Injection vulnerability in IBM General Parallel File System and Spectrum Scale IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors. | 7.2 |
| 2014-02-04 | CVE-2014-0834 | Improper Input Validation vulnerability in IBM General Parallel File System IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program. | 4.0 |