CVE-2026-7870 IBM i is Affected by Privilege Escalation []

IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege...

IBM i 代码问题漏洞

IBM i is a suite of operating systems from International Business Machines IBM running on IBM Power Systems and IBM PureSystems. A code issue vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5 that stems from the presence of unqualified library calls in IBM Facsimile Support for i, whi...

IBM i Trust Management Issues Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. IBM i is vulnerable to a trust management issue vulnerability that stems from improper handling of IBM i Netserver authentication, no details of the vulnerability are...

IBM i 代码问题漏洞

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A code issue vulnerability exists in IBM i that stems from bypassing database feature limitation checks. A privileged bad actor could delete or otherwise affect databas...

IBM i 安全漏洞

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.4 and 7.5 that stems from vulnerability to an authenticated user who has gained elevated privileges to a physical...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

The vulnerability of software for managing and securing environments on IBM Power Systems, IBM PowerSC, arises from the use of an untrusted interdomain policy file. This allows attackers to perform privileged actions and extract confidential information.

The vulnerability of the IBM PowerSC microprocessor architecture is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows attackers to perform privileged actions and extract confidential information...

IBM i Code Issues Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A code issue vulnerability exists in IBM I versions 7.2, 7.3, 7.4, and 7.5, which stems from the vulnerability of Service Tools Server SST to SST user enumeration attac...

CVE-2024-25050

IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator...

IBM i 和 IBM Rational Development Studio 代码问题漏洞

IBM i and IBM Rational Development Studio are both products of International Business Machines IBM Corporation.IBM i is an operating system that runs in IBM Power Systems and IBM PureSystems.IBM Rational Development Studio is IBM i is an operating system that runs on IBM Power Systems and IBM...

IBM i Permission License and Access Control Issues Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A privilege permission and access control issue vulnerability exists in IBM i versions 7.2 through 7.5, which stems from the fact that the infrastructure may allow a...

IBM PowerSC Clickjacking Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from a clickjacking vulnerability that can be exploited by an attacker to hijack a victim's click-to-operate and launch further attacks against the victim...

IBM PowerSC Information Disclosure Vulnerability (CNVD-2024-09941)

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC that stems from MFA not implementing the HSTS security policy mechanism, which can be exploited by an attacker to cau...

IBM PowerSC Explains Conflict Vulnerabilities

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an interpretation conflict vulnerability that stems from not using a secure HTTP method, which could be exploited by an attacker to perform unauthorized...

IBM i Access Client Solutions Authorization Issues Vulnerability

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. An authorization issue vulnerability exists in IBM i Access Client Solutions that stems from vulnerability to a hash disclosure attack, which can be exploited by a...

IBM PowerSC Encryption Problem Vulnerability (CNVD-2024-09945)

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC has an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decrypt highly...

IBM PowerSC Information Disclosure Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an information disclosure vulnerability vulnerability that stems from not using proper account lockout settings, which can be exploited by an attacker to...

IBM PowerSC Encryption Issue Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decry...

IBM i License Issues Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. An authorization issue vulnerability exists in IBM i Access Client Solutions that stems from improper privilege checking and can be exploited by an attacker to execute...

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i that stems from a local elevation of privilege vulnerability in Management Central. An attacker could exploit the vulnerabilit...