13 matches found
AIX Perl is vulnerable to a null pointer dereference (CVE-2026-24515) and an integer overflow (CVE-2026-25210)
IBM SECURITY ADVISORY First Issued: Tue Mar 17 15:13:56 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory13.asc Security Bulletin: AIX Perl is vulnerable to a null pointer dereference CVE-2026-24515 and an integer...
EUVD-2024-22383
Malicious code in bioql PyPI...
AIX is vulnerable to arbitrary command execution (CVE-2024-56346 CVE-2024-56347)
IBM SECURITY ADVISORY First Issued: Tue Mar 18 10:46:14 CDT 2025 |Updated: Thu Apr 10 09:01:49 CDT 2025 |Update: The included README was updated for clarity. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/nimadvisory.asc Security...
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service CVE-2024-25062. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. Whe...
CVE-2024-52906 IBM AIX denial of service
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service...
Multiple vulnerabilities in IBM Java SDK affect AIX
IBM SECURITY ADVISORY First Issued: Mon Nov 11 15:28:03 CST 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/javanov2024advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...
AIX is affected by a denial of service (CVE-2024-0397) and information disclosure (CVE-2024-4032 CVE-2024-37891) due to Python
IBM SECURITY ADVISORY First Issued: Tue Sep 17 16:13:13 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory12.asc Security Bulletin: AIX is affected by a denial of service CVE-2024-0397 and information disclosure...
Security Bulletin: AIX is vulnerable to arbitrary code execution (CVE-2024-6387) due to OpenSSH
Summary Vulnerability in AIX's OpenSSH could allow a remote attacker to execute arbitrary code CVE-2024-6387. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2024-6387 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary code on the system, caused by a...
CVE-2024-27260
IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 283985...
Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout (CVE-2024-27260)
Summary A vulnerability in the AIX invscout command could allow a non-privileged local user to execute arbitrary commands CVE-2024-27260. Vulnerability Details CVEID:CVE-2024-27260 DESCRIPTION: IBM AIX could allow a non-privileged local user to exploit a vulnerability in the invscout command to...
Security Bulletin: AIX is vulnerable to privilege escalation (CVE-2024-27273)
Summary Vulnerability in the AIX kernel may lead to privilege escalation CVE-2024-27273. Vulnerability Details CVEID:CVE-2024-27273 DESCRIPTION: IBM AIX's Unix domain datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation an...
AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)
IBM SECURITY ADVISORY First Issued: Wed Apr 24 15:34:58 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory2.asc Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM CVE-2023-7104...
Security Bulletin: AIX is affected by a denial of service (CVE-2023-45167) and a security restrictions bypass (CVE-2023-40217) due to Python
Summary A vulnerability in Python could allow a non-privileged local user to cause a denial of service CVE-2023-45167 and a remote attacker to cause a security restrictions bypass CVE-2023-40217. Python is used by AIX as part of Ansible node management automation. Vulnerability Details...