CVE-2025-36096

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

CVE-2025-36251

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...

CVE-2025-36096

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

EUVD-2025-17693

Malicious code in bioql PyPI...

EUVD-2023-49479

Malicious code in bioql PyPI...

CVE-2025-33112

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input...

PT-2025-24719 · Perl +1 · Perl +2

Name of the Vulnerable Software and Affected Versions: IBM AIX version 7.3 IBM VIOS version 4.1.1 Description: The issue is related to the improper neutralization of pathname input in the Perl implementation, which could allow a non-privileged local user to execute arbitrary code. Recommendations...

IBM AIX and IBM VIOS Input Validation Error Vulnerability

IBM AIX and IBM Vios are both products of the International Business Machines IBM Corporation.IBM AIX is an open-standards-based UNIX operating system developed for the IBM Power architecture.IBM Vios is part of the PowerVm® Editions hardware feature. Helps to share physical I/O resources between...

IBM VIOS operating system command injection vulnerability

IBM Vios is part of IBM USA's PowerVm Editions hardware feature that helps share physical I/O resources between client logical partitions within a server. IBM VIOS lscore has an operating system command injection vulnerability that stems from an lscore command input validation error, and this...

IBM AIX rmsock SetUID Binary Information Leak

Summary An exploitable kernel memory leak vulnerability is exposed by the rmsock setUID functionality of IBM AIX 6.1 and IBM AIX 7.1. A specially crafted command line can cause a kernel memory leak, resulting in uninitialized kernel memory being exposed. An attacker can execute rmuser with an...

Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected ARM Cortex A15 ARM Cortex A57 ARM Cortex A72 IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix...

NTP CVE-2018-7185 Denial of Service Vulnerability

Description NTP is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. NTP version 4.2.6 prior to 4.2.8p11 are vulnerable. Technologies Affected IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix 7.2...

Format string

Format string vulnerability in the msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.3109 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request...

CVE-2010-1039

Format string vulnerability in the msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.3109 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request...

CVE-2010-1039

CVE-2010-1039 describes a remote code execution risk due to an integer overflow in rpc.pcnfsd (PC-NFS daemon) across multiple OSes: IBM AIX 6.1/5.3 and earlier; VIOS 2.1/1.5 and earlier; HP-UX B.11.11/11.23/11.31; SGI IRIX 6.5. The flaw is triggered by parsing crafted RPC requests containing form...