CVE-2026-31464

A flaw was found in the Linux kernel's scsi: ibmvfc driver. A malicious or compromised Virtual I/O VIO server can exploit this by sending a crafted response during target discovery. This response can cause an out-of-bounds memory access, leading to the disclosure of sensitive kernel memory...

CVE-2025-36251

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...

CVE-2025-36096

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

CVE-2025-36236 AIX Path Traversal

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

CVE-2025-36251 AIX Command Execution

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...

PT-2025-46922

Name of the Vulnerable Software and Affected Versions IBM AIX versions 7.2 and 7.3 IBM VIOS versions 3.1 and 4.1 Description The NIM server service formerly known as NIM master – nimesis – may allow a remote attacker to traverse directories on the system. An attacker could send a specially crafte...

PT-2024-32409 · Ibm · Aix +2

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 VIOS versions 3.1 through 4.1 Description: The issue allows a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. Recommendations: For IBM AI...

CVE-2023-40371

IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476...

CVE-2023-28528

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207...

PT-2022-27032 · Ibm · Aix +2

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.1 through 7.3 VIOS version 3.1 Description: The issue allows a non-privileged local user to exploit a vulnerability in the AIX kernel extension to cause a denial of service. This can be achieved through the AIX perfstat...

CVE-2022-36768

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID: 232014...

IBM AIX 安全漏洞

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX versions 7.1, 7.2, 7.3 and VIOS version 3.1 have a denial-of-service vulnerability that stems from failure to properly process incoming error messages, which can be exploited by...

CVE-2022-22350

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 220394...

IBM AIX 输入验证错误漏洞

IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM, which can also be referred to as AIX. a denial of service vulnerability exists in IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1, which stems from a file creation vulnerability in the audit command, the affected component...

IBM AIX 输入验证错误漏洞

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. A denial of service vulnerability exists in IBM AIX version 7.1, 7.2, and VIOS version 3.1. A local attacker could exploit this vulnerability to cause a denial of service...

CVE-2015-4948

netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors...