167 matches found
EUVD-2021-16201
Malware in sbrugna...
Security Bulletin: AIX is vulnerable to a privilege escalation vulnerability (CVE-2022-34356)
Summary UPDATED Oct 10 Added iFixes with the correct prereqs for VIOS 3.1.2.30 and 3.1.2.40: A vulnerability in the AIX kernel could allow a non-privileged local user to obtain root privileges CVE-2022-34356. Vulnerability Details CVEID:CVE-2022-34356 DESCRIPTION: IBM AIX could allow a...
AIX : Multiple Vulnerabilities (IJ53923)
The version of AIX installed on the remote host is prior to APAR IJ53923. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ53923 advisory. - IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due...
AIX : Multiple Vulnerabilities (IJ53757) (deprecated)
The vendor has closed the APAR as a program error. %NASLMINLEVEL 80900 C Tenable, Inc. Disabled on 2026/02/12. Advisory states "Closed as program error" and "Removed security issue." include'compat.inc'; if description scriptid232951; scriptversion"1.5";...
AIX : Multiple Vulnerabilities (IJ53929)
The version of AIX installed on the remote host is prior to APAR IJ53929. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ53929 advisory. - IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due...
AIX is vulnerable to arbitrary command execution (CVE-2024-56346 CVE-2024-56347)
IBM SECURITY ADVISORY First Issued: Tue Mar 18 10:46:14 CDT 2025 |Updated: Thu Apr 10 09:01:49 CDT 2025 |Update: The included README was updated for clarity. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/nimadvisory.asc Security...
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service CVE-2024-25062. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. Whe...
Security Bulletin: AIX is vulnerable to arbitrary code execution (CVE-2024-6387) due to OpenSSH
Summary Vulnerability in AIX's OpenSSH could allow a remote attacker to execute arbitrary code CVE-2024-6387. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2024-6387 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary code on the system, caused by a...
Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout (CVE-2024-27260)
Summary A vulnerability in the AIX invscout command could allow a non-privileged local user to execute arbitrary commands CVE-2024-27260. Vulnerability Details CVEID:CVE-2024-27260 DESCRIPTION: IBM AIX could allow a non-privileged local user to exploit a vulnerability in the invscout command to...
AIX (IJ50910)
The version of AIX installed on the remote host is prior to APAR IJ50910. It is, therefore, affected by a vulnerability as referenced in the IJ50910 advisory. - IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Un...
Security Bulletin: AIX is vulnerable to privilege escalation (CVE-2024-27273)
Summary Vulnerability in the AIX kernel may lead to privilege escalation CVE-2024-27273. Vulnerability Details CVEID:CVE-2024-27273 DESCRIPTION: IBM AIX's Unix domain datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation an...
Security Bulletin: AIX is vulnerable to privilege escalation and denial of service (CVE-2023-45166, CVE-2023-45174, CVE-2023-45170)
Summary UPDATED Feb 2 2024 New iFixes are available. The new iFixes resolve a technical issue with print queue status. Both sets of iFixes new and original resolve the security vulnerabilities described in the bulletin. The new iFixes are only needed if you experience the technical issue describe...
Multiple vulnerabilities in IBM Java SDK affect AIX
IBM SECURITY ADVISORY First Issued: Thu Mar 7 15:16:48 CST 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/javafeb2024advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...
CVE-2023-45173 IBM AIX denial of service
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. IBM X-Force ID: 267971...
AIX : Multiple Vulnerabilities (IJ48663)
The version of AIX installed on the remote host is prior to APAR IJ48663. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ48663 advisory. - IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extensio...
AIX : Multiple Vulnerabilities (IJ48608)
The version of AIX installed on the remote host is prior to APAR IJ48608. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ48608 advisory. - IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extensio...
Security Bulletin: AIX is vulnerable to denial of service vulnerabilities
Summary UPDATED: Additional iFixes are now available for AIX 7.2 TL5 SP5, 7.3 TL0 SP2, 7.3 TL0 SP3, 7.3 TL1 SP1, and VIOS 3.1.3.21, 3.1.3.30, and 3.1.4.10. Both the original and new iFixes address the kernel security vulnerabilities mentioned in the bulletin, but the new iFixes also address the...
Security Bulletin: Vulnerability in zlib affect OS Image for AIX Systems shipped with IBM Cloud Pak System [CVE-2018-25032]
Summary Vulnerability in zlib affect OS Image for AIX Systems shipped with IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote...
CVE-2023-45165 IBM AIX denial of service
IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963...
AIX : Multiple Vulnerabilities (IJ48481)
The version of AIX installed on the remote host is prior to APAR IJ48481. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ48481 advisory. - IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piodmgrsu command to...