51 matches found
Security Bulletin: AIX Xorg X Server is vulnerable to memory corruption or a denial of service (CVE-2025-62230, CVE-2025-62231)
Summary: Updated Feb 24 2026: New iFix for 7.3 TL3 SP2 provided with correct fileset prereqs. Updated the affected fileset levels to show that 7.3 TL3 SP2 is vulnerable. Vulnerabilities in Xorg X Server could cause a memory corruption or denial of service (CVE-2025-62230, CVE-2025-62231)...
CVE-2025-36236
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
CVE-2025-36250
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
EUVD-2025-180538
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
EUVD-2025-180539
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
EUVD-2025-180540
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
CVE-2025-36250 AIX Code Execution
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
CVE-2025-36096 AIX Insufficiently Protected Credentials
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
IBM AIX and IBM VIOS Security Vulnerability
IBM AIX and IBM VIOS are both products of the International Business Machines (IBM) Corporation. IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture. IBM VIOS is part of the PowerVM® Editions hardware feature set. IBM AIX is an open standards-based UNIX...
PT-2025-46922
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 and 7.3; IBM VIOS versions 3.1 and 4.1. Description: The NIM server service (formerly known as NIM master, nimesis) may allow a remote attacker to traverse directories on the system. An attacker could send a specially crafte...
AIX is vulnerable to a memory corruption issue (CVE-2025-6965) due to RPM
IBM SECURITY ADVISORY. First Issued: Mon Oct 6 15:10:47 CDT 2025. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory4.asc Security Bulletin: AIX is vulnerable to a memory corruption issue (CVE-2025-6965) due to RPM...
CVE-2025-36244
IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...
PT-2025-37994
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3; IBM VIOS versions 3.1 through 4.1. Description: IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to...
CVE-2024-56346
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls...
CVE-2024-47102
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service...
PT-2024-32409 · IBM · AIX +2
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3; VIOS versions 3.1 through 4.1. Description: The issue allows a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. Recommendations: For IBM AI...
PT-2024-9580 · IBM · VIOS +1
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3; VIOS versions 3.1 through 4.1. Description: The issue is related to the improper neutralization of input in the invscout component of IBM AIX and VIOS operating systems, allowing a local user to execute arbitra...
IBM AIX Security Vulnerability
IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture by International Business Machines (IBM). A security vulnerability exists in IBM AIX versions 7.2 and 7.3, VIOS version 3.1, and VIOS version 4.1. An attacker could exploit this vulnerability to execute...
CVE-2023-45175
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 267973...