620 matches found
EUVD-2023-32198
Malicious code in bioql PyPI...
EUVD-2023-49477
Malicious code in bioql PyPI...
EUVD-2025-7595
Malicious code in bioql PyPI...
CVE-2025-33112
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input...
CVE-2025-33112
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input...
Security Bulletin: AIX/VIOS is vulnerable to an expected behavior violation (CVE-2025-32728) due to OpenSSH
Summary AIX's OpenSSH DisableForwarding directive does not adhere to the documentation CVE-2025-32728. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2025-32728 DESCRIPTION: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...
AIX is vulnerable to arbitrary command execution due to Perl (CVE-2025-33112)
IBM SECURITY ADVISORY First Issued: Tue Jun 10 08:28:43 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory9.asc Security Bulletin: AIX is vulnerable to arbitrary command execution due to Perl CVE-2025-33112...
PT-2025-24719 · Perl +1 · Perl +2
Name of the Vulnerable Software and Affected Versions: IBM AIX version 7.3 IBM VIOS version 4.1.1 Description: The issue is related to the improper neutralization of pathname input in the Perl implementation, which could allow a non-privileged local user to execute arbitrary code. Recommendations...
IBM AIX和IBM VIOS 安全漏洞
IBM AIX and IBM VIOS are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM VIOS is part of the PowerVm® Editions hardware feature. IBM VIOS is part of the PowerVm® Editions...
CVE-2024-52906
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service...
CVE-2023-28528
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207...
CVE-2023-45174
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. IBM X-Force ID: 267972...
CVE-2022-47990
IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556...
CVE-2022-43848
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169...
Security Bulletin: AIX/VIOS is vulnerable to a denial of service due to ISC BIND
Summary Vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service CVE-2024-12705, CVE-2024-11187. AIX uses ISC BIND as as part of its DNS functions. Vulnerability Details CVEID:CVE-2024-12705 DESCRIPTION: Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's C...
Security Bulletin: AIX is vulnerable to a privilege escalation vulnerability due to invscout (CVE-2022-36768)
Summary A vulnerability in the AIX invscout command could allow a non-privileged local user to obtain root privileges CVE-2022-36768. Vulnerability Details CVEID:CVE-2022-36768 DESCRIPTION: IBM AIX could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtai...
Security Bulletin: AIX is vulnerable to a privilege escalation vulnerability (CVE-2022-34356)
Summary UPDATED Oct 10 Added iFixes with the correct prereqs for VIOS 3.1.2.30 and 3.1.2.40: A vulnerability in the AIX kernel could allow a non-privileged local user to obtain root privileges CVE-2022-34356. Vulnerability Details CVEID:CVE-2022-34356 DESCRIPTION: IBM AIX could allow a...
Security Bulletin: IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service (CVE-2022-35643)
Summary A vulnerability in IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service CVE-2022-35643. Vulnerability Details CVEID:CVE-2022-35643 DESCRIPTION: IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or...
AIX is vulnerable to arbitrary command execution (CVE-2024-56346 CVE-2024-56347)
IBM SECURITY ADVISORY First Issued: Tue Mar 18 10:46:14 CDT 2025 |Updated: Thu Apr 10 09:01:49 CDT 2025 |Update: The included README was updated for clarity. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/nimadvisory.asc Security...
CVE-2025-21855
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the txbytes stat was incremented by the length of the skb. It is invalid to access the skb memory after sending t...