15496 matches found
CVE-2025-49642 Agent builds for AIX vulnerable to library loading hijacking
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
CVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
CVE-2025-49642
CVE-2025-49642 affects the Zabbix Agent for AIX. The issue is an insecure library search path that could allow a local attacker with write access to /home/cecuser to hijack library loading, enabling partial impact on confidentiality/integrity/availability as described in the sources. No patch/ver...
CVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
Security Bulletin: AIX/VIOS is affected by multiple vulnerabilities due to Python
Summary There are multiple vulnerabilities in Python used by AIX CVE-2025-59375, CVE-2024-47081, CVE-2025-6965, CVE-2024-5642. Python is used by AIX as part of Ansible node management automation. Vulnerability Details CVEID:CVE-2025-59375 DESCRIPTION: libexpat in Expat before 2.7.2 allows attacke...
AIX is affected by multiple vulnerabilities due to Python
IBM SECURITY ADVISORY First Issued: Wed Nov 19 08:19:03 CST 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory17.asc Security Bulletin: AIX is affected by multiple vulnerabilities due to Python...
Vulnerabilities fixed in IBM AIX
IBM has fixed vulnerabilities in IBM AIX versions 7.2 and 7.3, as well as in IBM VIOS versions 3.1 and 4.1. The vulnerabilities are related to the insecure storage of NIM private keys, making systems vulnerable to man-in-the-middle attacks. Attackers can also send specially crafted URL requests,...
AIX : Multiple Vulnerabilities (IJ55897)
The version of AIX installed on the remote host is prior to APAR IJ55897. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ55897 advisory. - IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute...
AIX : Multiple Vulnerabilities (IJ56230)
The version of AIX installed on the remote host is prior to APAR IJ56230. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ56230 advisory. - IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute...
AIX : Multiple Vulnerabilities (IJ55968)
The version of AIX installed on the remote host is prior to APAR IJ55968. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ55968 advisory. - IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute...
CVE-2025-36236
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
CVE-2025-36250
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
CVE-2025-36251
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...
CVE-2025-36096
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
EUVD-2025-180541
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...
EUVD-2025-180538
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
EUVD-2025-180540
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
EUVD-2025-180539
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
CVE-2025-36251
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...
CVE-2025-36251
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...