IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID:...
7.8CVSS
7.2AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID:...
7.8CVSS
7AI Score
0.0004EPSS
IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a denial of service. IBM X-Force ID:...
9.1CVSS
8.7AI Score
0.001EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.2AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause a denial of service in the nimsh daemon on another trusted host. IBM X-Force ID:...
8.6CVSS
8AI Score
0.001EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.1AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.1AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.1AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.1AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a denial of service due to a file creation vulnerability in the audit commands. IBM X-Force ID:...
4.4CVSS
4.4AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the smbcd daemon to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.2AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.1AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.1AI Score
0.0004EPSS
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the lscore command which could lead to code execution. IBM X-Force ID:...
7.8CVSS
7.4AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID:...
7.8CVSS
7.4AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the libc.a library to expose sensitive information. IBM X-Force ID:...
6.2CVSS
5.9AI Score
0.0005EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information. IBM X-Force ID:...
6.2CVSS
5.9AI Score
0.0005EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.8AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.8AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. IBM X-Force ID:...
7.8CVSS
7.3AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. IBM X-Force ID:...
7.8CVSS
7.3AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon. IBM X-Force ID:...
4.4CVSS
4.4AI Score
0.0004EPSS
IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID:...
5.5CVSS
5.3AI Score
0.0004EPSS
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM X-Force ID:...
7.8CVSS
7.2AI Score
0.0004EPSS
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID:...
4.7CVSS
5.3AI Score
0.0004EPSS
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified...
3.7CVSS
4.1AI Score
0.004EPSS
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted...
3.7CVSS
4.4AI Score
0.008EPSS
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified...
6.2AI Score
0.0004EPSS
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable...
6AI Score
0.001EPSS
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE"...
3.4CVSS
4.3AI Score
0.975EPSS
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid...
6AI Score
0.0004EPSS
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for...
5.9AI Score
0.0004EPSS
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO...
5.7AI Score
0.0004EPSS
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2)...
6.4AI Score
0.002EPSS
The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified...
6.1AI Score
0.003EPSS
The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6...
6.3AI Score
0.054EPSS
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable...
6.1AI Score
0.002EPSS
fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command...
5.9AI Score
0.0004EPSS
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified...
6.7AI Score
0.051EPSS
The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted...
5.9AI Score
0.0004EPSS
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home...
6.4AI Score
0.0004EPSS
The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free...
6.1AI Score
0.0004EPSS
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified...
6AI Score
0.0004EPSS
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than...
6.2AI Score
0.069EPSS
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified...
6.5AI Score
0.0004EPSS
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request...
7.2AI Score
0.227EPSS
Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified...
6.8AI Score
0.0004EPSS
Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified...
6.8AI Score
0.0004EPSS
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of...
7.8AI Score
0.755EPSS