AIX : Multiple Vulnerabilities (IJ56230)

The version of AIX installed on the remote host is prior to APAR IJ56230. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ56230 advisory. - IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute...

CVE-2025-36236

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

CVE-2025-36250

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...

EUVD-2025-180540

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

EUVD-2025-180539

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...

EUVD-2025-180538

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

CVE-2025-36250 AIX Code Execution

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...

IBM AIX和IBM VIOS 安全漏洞

IBM AIX and IBM VIOS are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM VIOS is part of the PowerVm® Editions hardware feature set.IBM AIX is an open standards-based UNIX...

AIX is vulnerable to a memory corruption issue (CVE-2025-6965) due to RPM

IBM SECURITY ADVISORY First Issued: Mon Oct 6 15:10:47 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory4.asc Security Bulletin: AIX is vulnerable to a memory corruption issue CVE-2025-6965 due to RPM...

CVE-2024-47102

IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service...

PT-2024-32409 · Ibm · Aix +2

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 VIOS versions 3.1 through 4.1 Description: The issue allows a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. Recommendations: For IBM AI...

CVE-2023-45175

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 267973...

IBM AIX and IBM VIOS Input Validation Error Vulnerability

IBM AIX and IBM Vios are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM Vios is part of the PowerVm® Editions hardware feature. IBM Vios is part of the PowerVm® Editions...

IBM AIX and IBM Vios Input Validation Error Vulnerability

IBM AIX and IBM Vios are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM Vios is part of the PowerVm® Editions hardware feature. IBM Vios is part of the PowerVm® Editions...

CVE-2023-45172

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970...

IBM AIX 安全漏洞

IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture by International Business Machines IBM. A security vulnerability exists in IBM AIX that stems from an unauthorized file access issue in OpenSSH that allows unprivileged local users to access files...

PT-2023-2525 · Ibm · Vios +1

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.1 through 7.3 VIOS version 3.1 Description: The issue allows a non-privileged local user to exploit a vulnerability in the AIX runtime services library, specifically due to the lack of neutralization of special elements use...

PT-2023-2524 · Ibm · Vios +1

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.1 through 7.3 VIOS version 3.1 Description: The issue exists due to the lack of neutralization of special elements used in the invscout command of the IBM AIX operating system. Exploitation of this issue may allow an attack...

SUSE CVE-2020-4788

IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296...

CVE-2022-47990

IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556...