CVE-2026-7888 Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction.
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been...
SUSE CVE-2026-32711
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...
Security Bulletin: AIX is vulnerable to a denial of service (CVE-2025-9086) due to cURL libcurl
Summary Vulnerability in cURL libcurl could allow a remote attacker to cause a denial of service CVE-2025-9086. AIX uses cURL libcurl as part of rsyslog, LV/PV encryption integration with HPCS and in Live Update for interacting with HMC. Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A...
EUVD-1999-1219
Malware in sbrugna...
EUVD-2004-2625
Malware in sbrugna...
Security Bulletin: AIX/VIOS is affected by a denial of service (CVE-2024-8176) due to Python
Summary Vulnerability in Python could allow a remote attacker to cause a denial of service CVE-2024-8176. Python is used by AIX as part of Ansible node management automation. Vulnerability Details CVEID:CVE-2024-8176 DESCRIPTION: A stack overflow vulnerability exists in the libexpat library due t...
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service CVE-2024-25062. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. Whe...
AIX is vulnerable to a denial of service due to ISC BIND
IBM SECURITY ADVISORY First Issued: Mon Nov 18 15:17:14 CST 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/bindadvisory27.asc Security Bulletin: AIX is vulnerable to a denial of service due to ISC BIND...
AIX is vulnerable to arbitrary code execution (CVE-2023-36328) due to tcl
IBM SECURITY ADVISORY First Issued: Thu Nov 7 15:49:20 CST 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/tcladvisory.asc Security Bulletin: AIX is vulnerable to arbitrary code execution CVE-2023-36328 due to tcl...
AIX is vulnerable to a denial of service (CVE-2024-2511 CVE-2024-0727) due to OpenSSL
IBM SECURITY ADVISORY First Issued: Tue Jul 16 15:22:01 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory41.asc Security Bulletin: AIX is vulnerable to a denial of service CVE-2024-2511, CVE-2024-0727 due to OpenS...
AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)
IBM SECURITY ADVISORY First Issued: Thu Jun 20 15:10:42 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curladvisory5.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl CVE-2024-0853...
Security Bulletin: AIX is affected by information disclosure due to Python (CVE-2024-28757)
Summary Vulnerability in Python could allow a remote attacker to obtain sensitive information CVE-2024-28757. Python is used by AIX as part of Ansible node management automation. Vulnerability Details CVEID:CVE-2024-28757 DESCRIPTION: libexpat could allow a remote attacker to obtain sensitive...
Security Bulletin: AIX is vulnerable to a machine-in-the-middle attack (CVE-2023-48795), arbitrary command execution (CVE-2023-51385), and information disclosure (CVE-2023-51384) due to OpenSSH
Summary Vulnerabilities in AIX's OpenSSH could allow a remote attacker to launch a machine-in-the-middle attack CVE-2023-48795 and execute arbitrary commands CVE-2023-51385, and could allow a local authenticated attacker to obtain sensitive information CVE-2023-51384. OpenSSH is used by AIX for...
AIX is vulnerable to arbitrary command execution due to Perl (CVE-2024-25021 CVE-2023-47038 CVE-2023-47100)
IBM SECURITY ADVISORY First Issued: Wed Feb 21 15:59:59 CST 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory8.asc Security Bulletin: AIX is vulnerable to arbitrary command execution due to Perl CVE-2024-25021,...
Security Bulletin: AIX is vulnerable to a denial of service (CVE-2023-5678, CVE-2023-6129, CVE-2023-6237) and an attacker may obtain sensitive information (CVE-2023-5363) due to OpenSSL
Summary Vulnerabilities in OpenSSL could allow a remote attacker to cause a denial of service CVE-2023-5678, CVE-2023-6129, CVE-2023-6237 or obtain sensitive information CVE-2023-5363. OpenSSL is used by AIX as part of AIX's secure network communications. Vulnerability Details CVEID:CVE-2023-5363...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795)
Summary UPDATED May 17 Corrected the affected fileset levels for AIX 7.2 TL5 and removed bos.net.tcp.bind 7.2.5.200.: A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795. AIX uses ISC BIND as part of i...
AIX is vulnerable to arbitrary command execution due to invscout
IBM SECURITY ADVISORY First Issued: Thu Nov 30 10:49:53 CST 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/invscoutadvisory5.asc Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout CVE-2023-45168...
AIX is affected by a denial of service (CVE-2023-45167) and a security restrictions bypass (CVE-2023-40217) due to Python
IBM SECURITY ADVISORY First Issued: Tue Nov 7 11:16:49 CST 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory6.asc Security Bulletin: AIX is affected by a denial of service CVE-2023-45167 and a security restrictions...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2023-2828)
Summary A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2023-2828. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details CVEID:CVE-2023-2828 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a flaw that allows the...
Security Bulletin: AIX is vulnerable to unauthorized file access and arbitrary code execution due to OpenSSH (CVE-2023-40371 and CVE-2023-38408)
Summary Vulnerabilities in AIX's OpenSSH could allow a non-privileged local user file access outside of those allowed CVE-2023-40371 or allow a remote attacker to execute arbitrary code CVE-2023-38408. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2023-40371 DESCRIPTION...