Lucene search
K

400 matches found

CVE
CVE
added 2002/03/09 5:0 a.m.6411 views

CVE-2001-0554

CVE-2001-0554 affects netkit-telnetd (Telnet daemon) on BSD-based systems, via a buffer overflow in in.telnetd/telrcv handling (triggered by certain Telnet options such as AYT). OpenVAS entries describe a remote attacker potentially causing denial of service or gaining remote code execution; at l...

10CVSS7.4AI score0.37896EPSS
CVE
CVE
added 2014/10/15 12:0 a.m.1043 views

CVE-2014-3566

CVE-2014-3566 (POODLE) affects SSLv3 in AIX and related IBM components. IBM’s advisory (nettcp) states SSLv3 padding oracle vulnerability could allow MITM decryption of SSL sessions. Affected: AIX 6.1/7.1 and VIOS 2.2.x with vulnerable bos.net.tcp.client/server file sets (various lower/upper leve...

4.3CVSS4.4AI score0.99999EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.761 views

CVE-2000-1124

The CVE-2000-1124 entry describes a local privilege-escalation flaw in IBM AIX 4.3.x: a buffer overflow in the piobe command caused by long environmental variables. The affected component is the piobe command on IBM AIX 4.3.x; the underlying issue is a buffer overflow allowing local users to gain...

7.2CVSS7.1AI score0.00894EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.727 views

CVE-1999-0524

CVE-1999-0524 is an ICMP information-disclosure vulnerability where ICMP replies reveal (1) netmask and (2) timestamp to arbitrary hosts. Connected reports link it to multiple products (e.g., Nutanix AHV advisories NXSA‑AHV series and ABB M2M Gateway plugin) and describe the issue as an informati...

4CVSS6.5AI score0.31586EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.439 views

CVE-1999-0024

CVE-1999-0024 describes a DNS cache-poisoning flaw in BIND caused by predictable DNS query IDs. The connected sources consistently state DNS cache poisoning via BIND, with related discussions in Red Hat/Security advisories and CERT context. The materials do not provide a concrete patch version or...

5CVSS6.7AI score0.04935EPSS
CVE
CVE
added 2020/11/20 3:45 a.m.370 views

CVE-2020-4788

CVE-2020-4788 affects IBM Power9 processors (AIX 7.1, 7.2, and VIOS 3.1) and allows a local attacker to obtain sensitive information from data in the L1 cache under extenuating circumstances. The connected IBM advisory lists remediation through iFixes/APARs: AIX 7.1.5.x (APAR IJ28229 family), AIX...

5.1CVSS5.7AI score0.00387EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.243 views

CVE-1999-0017

CVE-1999-0017 is a documented FTP bounce vulnerability where an FTP server can be abused to connect to arbitrary ports on an attacker-controlled host by exploiting the PORT/PORT-like mechanisms. The core issue is that an FTP server’s data connection handling allows bounce traffic to other hosts (...

7.5CVSS6.3AI score0.01975EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.218 views

CVE-2001-0797

CVE-2001-0797 is a buffer overflow in the System V–derived /bin/login (affecting login/telnetd implementations such as TTYPROMPT) triggered by a large number of arguments, enabling remote arbitrary-command execution. The vulnerability affects various System V based OSes and can be exploited via s...

10CVSS7.4AI score0.88836EPSS
CVE
CVE
added 2003/05/14 4:0 a.m.185 views

CVE-2003-0285

CVE-2003-0285 involves IBM AIX 5.2 and earlier shipping Sendmail with three options enabled (promiscuous_relay, accept_unresolvable_domains, accept_unqualified_senders) in sendmail.cf, creating an open mail relay that can be abused for spam. The core issue is a misconfiguration enabling relay fro...

5CVSS4.4AI score0.0503EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.182 views

CVE-1999-0038

CVE-1999-0038 describes a buffer overflow in the xlock program that allows local users to execute commands as root. The connected sources (Red Hat CVE entry, PT Security listing, and multiple feeds) corroborate a local-privilege escalation due to a buffer overflow in xlock, but the documents do n...

8.4CVSS7.9AI score0.01322EPSS
CVE
CVE
added 2023/04/26 11:50 a.m.173 views

CVE-2023-26286

CVE-2023-26286 affects IBM AIX and VIOS: AIX 7.1, 7.2, 7.3 and VIOS 3.1 are vulnerable to arbitrary command execution via a flaw in the AIX runtime services library (librts). The IBM advisory IJ45981 and related APARs specify affected filesets and TL/SP ranges, with remediation through APARs IJ45...

8.4CVSS7.7AI score0.00296EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.169 views

CVE-1999-0513

CVE-1999-0513 describes a vulnerability where ICMP messages to broadcast addresses are allowed, enabling a Smurf attack that can cause a denial of service. The primary sources (NVD, Red Hat, and CVE listings) consistently state that the issue involves ICMP traffic to broadcast addresses, resultin...

5CVSS7.3AI score0.70462EPSS
CVE
CVE
added 2022/03/07 4:55 p.m.169 views

CVE-2022-22351

The CVE-2022-22351 issue affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1, where a non-privileged trusted host user can exploit a nimsh daemon vulnerability to cause a denial of service on the nimsh daemon of another trusted host. Affected filesets include bos.sysmgt.nim.client across TLs 7.1.5.x, 7.2....

8.6CVSS7.9AI score0.01174EPSS
CVE
CVE
added 2025/03/18 4:15 p.m.168 views

CVE-2024-56346

Summary of CVE-2024-56346 and related IBM AIX NIM vulnerabilities. The primary issue involves the nimsh/NIM master service on IBM AIX (NIM master) enabling remote code execution due to improper process controls. Affected products/versions per connected advisories: AIX 7.2 and 7.3, and VIOS 3.1 an...

10CVSS9.8AI score0.01058EPSS
CVE
CVE
added 2023/04/28 2:6 a.m.165 views

CVE-2023-28528

CVE-2023-28528 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. The vulnerability resides in the invscout command, enabling a non-privileged local user to trigger arbitrary command execution via a set-UID root context (a command-injection weakness). Affected fileset: invscout.rte (2.2.0.0–2.2.0.23). R...

8.4CVSS7.8AI score0.01457EPSS
CVE
CVE
added 2022/02/24 5:5 p.m.161 views

CVE-2021-38995

CVE-2021-38995 affects the IBM AIX kernel on AIX 7.1, 7.2, 7.3 and VIOS 3.1, allowing a non-privileged local user to cause a denial of service. The IBM Security Bulletin (and NVD entry) cite a kernel vulnerability with an impact to availability (DoS) and list affected filesets and TL/SP levels. A...

6.2CVSS5AI score0.0023EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.159 views

CVE-1999-0097

The CVE-1999-0097 entry concerns the AIX FTP client, where a malicious FTP server can force execution of shell commands on the client via metacharacters (for example, a pipe). The issue is documented across multiple sources (NVD, CVE list) and is consistent with historical CERT/Red Hat advisories...

10CVSS7.2AI score0.0404EPSS
CVE
CVE
added 2022/03/01 4:45 p.m.159 views

CVE-2021-38955

CVE-2021-38955 affects IBM AIX 7.1/7.2/7.3 and VIOS 3.1. A local user with elevated privileges can trigger a denial of service due to a file-creation vulnerability in the audit commands. Root cause: issues in the audit component leading to DoS when files are created. Valid exploitation details ar...

4.4CVSS4.4AI score0.00211EPSS
CVE
CVE
added 2022/03/02 4:35 p.m.143 views

CVE-2022-22350

CVE-2022-22350 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1, where a non-privileged local user can exploit a vulnerability in CAA to cause a denial of service. This is supported by multiple sources (NVD entry and CNVD/CVE records) describing a local-event DoS condition via the CAA kernel; explicit ...

6.2CVSS5.1AI score0.00214EPSS
CVE
CVE
added 2022/02/24 5:5 p.m.141 views

CVE-2021-38994

CVE-2021-38994 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. The IBM Security Bulletin notes a kernel vulnerability exploitable by a non-privileged local user that can cause a denial of service. Affected filesets include bos.mp64 across TLs 7.1.5.x, 7.2.4.x, 7.2.5.x, and 7.3.0.x with corresponding ...

6.2CVSS5AI score0.0023EPSS
CVE
CVE
added 2024/02/22 11:39 a.m.135 views

CVE-2024-25021

CVE-2024-25021 affects IBM AIX 7.3 and VIOS 4.1 where Perl's runtime could allow a non-privileged local user to execute arbitrary commands. Affected fileset: perl.rte (levels 5.34.0.0–5.34.1.5); remediation recommends perl.rte.5.34.1.6 on AIX 7.3 TL1+ and VIOS 4.1, with an OpenSSL 3.0 dependency....

8.4CVSS8.2AI score0.00269EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.134 views

CVE-1999-0003

CVE-1999-0003: A buffer overflow in the ToolTalk database server (rpc.ttdbserverd) may allow an attacker to execute arbitrary commands as root. Affected component is ToolTalk’s object database server; exploitation would require access to the vulnerable service. In the provided references, the imp...

10CVSS7.5AI score0.2438EPSS
CVE
CVE
added 2022/03/07 4:55 p.m.130 views

CVE-2021-38989

CVE-2021-38989 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1, where a non-privileged local user could exploit a vulnerability in the AIX kernel (pmsvcs kernel extension) to cause a denial of service. Affected filesets include bos.pmapi.pmsvcs across TLs 7.1.5.0–7.3.0.0 and VIOS 3.1.x. IBM lists APAR...

6.2CVSS5AI score0.00217EPSS
CVE
CVE
added 2022/12/23 6:19 p.m.128 views

CVE-2022-43381

CVE-2022-43381 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1 via the AIX SMB client. A non-privileged local user can trigger a denial of service by exploiting the SMB client daemon. Affected filesets (smbc.rte) include 7.1.0.0–7.1.302.8 and 7.2.0.0–7.2.302.8; remediation is provided as fixes in smbc...

6.2CVSS6AI score0.00185EPSS
CVE
CVE
added 2023/08/24 1:0 p.m.126 views

CVE-2023-40371

CVE-2023-40371 affects IBM AIX 7.2, 7.3 and VIOS 3.1 via OpenSSH, allowing a non-privileged local user to access files outside allowed boundaries due to improper access controls. The IBM advisory (openssh_fix15) lists fixed interim packages: openssh.base (versions 8.1.102.2106 and 9.2.112.2000) w...

6.2CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2022/12/20 8:11 p.m.124 views

CVE-2022-43382

CVE-2022-43382 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. It arises from a vulnerability in the lpd daemon that allows a local user with elevated privileges to cause a denial of service. Affected filesets and AIX levels are listed in the IBM advisory IJ44552/IJ44559/IJ44562/IJ44564 with interim/...

6.2CVSS5.2AI score0.00179EPSS
CVE
CVE
added 2023/11/10 3:52 a.m.122 views

CVE-2023-45167

CVE-2023-45167 affects IBM AIX 7.3 (Python implementation) and VIOS 4.1. A non-privileged local user could cause a denial of service via the Python component, with the root cause tied to the AIX Python stack. IBM’s advisory notes a fix is available (python3.9.base fileset, version 3.9.18.0) and p...

6.2CVSS5.7AI score0.00252EPSS
CVE
CVE
added 2022/12/23 7:26 p.m.117 views

CVE-2022-39164

CVE-2022-39164 affects IBM AIX 7.1/7.2/7.3 and VIOS 3.1. A non-privileged local user could exploit a vulnerability in the AIX kernel to cause a denial of service. IBM specifies kernel-level fixes (APARs/IJ fixes) across AIX TLs and VIOS levels; remediation requires installing the appropriate iFix...

6.2CVSS5.8AI score0.00185EPSS
CVE
CVE
added 2025/03/18 4:16 p.m.116 views

CVE-2024-56347

IBM AIX nimsh service SSL/TLS implementations (CVE-2024-56347) affect AIX 7.2 and 7.3 (also VIOS 3.1/4.1). Root cause: improper process controls in nimsh allow remote command execution. Impact is remote, unauthenticated access with high/critical severity in the CVSS vector (network, none/low comp...

9.6CVSS9.6AI score0.00858EPSS
CVE
CVE
added 2003/09/18 4:0 a.m.114 views

CVE-2003-0694

CVE-2003-0694 affects Sendmail 8.12.9, where the prescan function (parsing SMTP headers in parseaddr.c) can be exploited remotely via a buffer overflow to execute arbitrary code. Debian DSA-384 also references CAN-2003-0694 in its two vulnerabilities entry. The available documents confirm affecte...

10CVSS7.7AI score0.60185EPSS
CVE
CVE
added 2024/05/16 4:32 p.m.114 views

CVE-2024-27260

CVE-2024-27260 : IBM AIX and VIOS are affected by a vulnerability in the invscout command that could allow a non-privileged local user to execute arbitrary commands. Affected products/versions: AIX 7.2 and 7.3; VIOS 3.1 and 4.1 (invscout.rte 2.2.0.0–2.2.0.26). Root cause is the invscout component...

8.4CVSS7AI score0.0023EPSS
CVE
CVE
added 2003/03/21 5:0 a.m.113 views

CVE-2003-0028

Technical details about CVE-2003-0028 are not present in the provided documents. The connected sources reference the CVE in Debian/OpenVAS advisories but do not specify affected products, root cause, versions, impact, or fixes.

7.5CVSS9.8AI score0.15031EPSS
CVE
CVE
added 2015/01/15 10:0 p.m.111 views

CVE-2014-8904

CVE-2014-8904 affects IBM AIX (versions 5.3, 6.1, 7.1) and VIOS 2.2.x. The vulnerability is a local privilege escalation in lquerylv (cmdlvm) where a crafted DBGCMD_LQUERYLV environment variable enables a local user to gain root privileges. Public exploitation exists: exploit code and demonstrati...

7.2CVSS6AI score0.0096EPSS
CVE
CVE
added 2017/02/15 7:0 p.m.110 views

CVE-2016-8972

CVE-2016-8972 affects IBM AIX 6.1, 7.1 and 7.2 via the bellmail client, enabling a local user to gain root privileges through a specially crafted command. Root access hinges on insecure permissions around bellmail; APARs IV91006–IV91011 exist. AIX advisories (bellmail_advisory.asc) and exploit re...

7.8CVSS7.5AI score0.01384EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.109 views

CVE-1999-0046

The CVE-1999-0046 entry documents a buffer overflow in the rlogin program triggered by the TERM environment variable. Red Hat/NVD entries confirm a buffer overflow affecting rlogin; no specific vulnerable versions or patches are provided in the supplied sources. Exploitation details, affected pro...

10CVSS7.1AI score0.51878EPSS
CVE
CVE
added 2022/03/07 4:55 p.m.109 views

CVE-2021-38988

CVE-2021-38988 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1 via the AIX pfcdd kernel extension. A non-privileged local user can cause a denial of service by exploiting a vulnerability in the AIX kernel. The issue is rooted in the pfcdd extension handling of incoming messages, leading to an availabi...

6.2CVSS5AI score0.00217EPSS
CVE
CVE
added 2024/05/07 8:17 p.m.109 views

CVE-2024-27273

IBM AIX (AIX 7.2, 7.3, VIOS 3.1, VIOS 4.1) has a privilege-escalation issue in the Unix domain datagram socket implementation when using SO_PEERID, potentially exposing local applications. CVSS indicates LOCAL access, LOW privileges required, with HIGH confidentiality/integrity/availability impac...

8.1CVSS7.7AI score0.00146EPSS
CVE
CVE
added 2022/03/02 4:35 p.m.108 views

CVE-2021-38996

CVE-2021-38996 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. Connected sources indicate a vulnerability in the AIX kernel (and related CAA path) that could allow a non-privileged local user to cause a denial of service. The Nessus/NVD entries reference several APARs (IJ36682, IJ37496, IJ36596, IJ37...

6.2CVSS5AI score0.00214EPSS
CVE
CVE
added 2025/08/08 4:32 p.m.108 views

CVE-2025-8732

CVE-2025-8732 affects libxml2 up to 2.14.5, with a vulnerability in xmlParseSGMLCatalog that can trigger uncontrolled recursion during SGML catalog processing. Local attackers are required, and exploit details have circulated publicly; the real-world impact remains debated in some sources. Severa...

4.8CVSS4AI score0.00202EPSS
CVE
CVE
added 2024/12/07 12:42 p.m.107 views

CVE-2024-47115

CVE-2024-47115 affects IBM AIX 7.2/7.3 and VIOS 3.1/4.1, due to improper neutralization of input in the invscout component that could allow a local user to execute arbitrary commands. The vulnerable fileset is invscout.rte (AIX) with versions 2.2.0.0–2.2.0.26. IBM’s advisory (invscout_intro) list...

7.8CVSS7.9AI score0.00231EPSS
CVE
CVE
added 2022/02/25 6:0 p.m.106 views

CVE-2021-38993

CVE-2021-38993 – details from IBM advisory Affected products: IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. Affected component: smbcd daemon. Issue: input validation error in smbcd can allow a non-privileged local user to cause a denial of service. Impact: CVSS3.0 vector (AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

6.2CVSS5.2AI score0.00214EPSS
CVE
CVE
added 2022/12/23 6:48 p.m.106 views

CVE-2022-39165

CVE-2022-39165 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. It is a local, non-privileged user vulnerability in the CAA component that can cause a denial of service. The IBM security bulletin notes an impact of Availability (A) = High with Privileges Required = None and Local access. AIX/VIOS patc...

6.2CVSS5.9AI score0.00185EPSS
CVE
CVE
added 2022/06/15 3:40 p.m.105 views

CVE-2022-22444

The CVE-2022-22444 issue affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. A local user could exploit a vulnerability in the lpd daemon to cause a denial of service. IBM’s advisories (lpd_advisory2.asc) list affected filesets and APARs (e.g., IJ39868, IJ39875, IJ39876, IJ39877, IJ39878) and provide fix...

6.2CVSS5.1AI score0.0023EPSS
CVE
CVE
added 2013/07/18 4:0 p.m.103 views

CVE-2013-4011

CVE-2013-4011 affects IBM AIX 6.1/7.1 (and VIOS 2.2.2.2-FP-26 SP-02) InfiniBand subsystem components, enabling local privilege escalation via vulnerable paths in ibstat and arp.ib. Public references describe local-root escalation through a trusted SUID ibstat-based workflow and list related explo...

7.2CVSS6.4AI score0.02846EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.102 views

CVE-2000-0844

The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...

10CVSS7.7AI score0.15349EPSS
CVE
CVE
added 2022/12/23 7:16 p.m.102 views

CVE-2022-43849

CVE-2022-43849 affects IBM AIX 7.1/7.2/7.3 and VIOS 3.1 via vulnerability in the AIX pfcdd kernel extension that can allow a non-privileged local user to cause a denial of service. The connected IBM bulletin lists affected filesets and kernel extensions and provides remediation in the form of APA...

6.2CVSS5.8AI score0.00185EPSS
CVE
CVE
added 2022/12/23 7:6 p.m.101 views

CVE-2022-43848

CVE-2022-43848 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. A non-privileged local user can exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service (availability impact HIGH). The IBM bulletin lists specific APARs and iFixes across kernel, perfstat, pfcdd, NFS, TC...

6.2CVSS5.8AI score0.00185EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.100 views

CVE-1999-0019

Technical details about CVE-1999-0019 are not publicly available in the provided documents. Monitor for official advisories for affected products, impact, and remediation.

5CVSS7.3AI score0.0164EPSS
CVE
CVE
added 2022/09/13 8:45 p.m.100 views

CVE-2022-34356

CVE-2022-34356 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. A local, non-privileged user could exploit a vulnerability in the AIX kernel to obtain root privileges. The IBM Security Bulletin (kernel_advisory4) confirms the affected products/versions and lists the vulnerable filesets (e.g., bos.mp64...

8.4CVSS7AI score0.00214EPSS
CVE
CVE
added 2014/07/02 10:0 a.m.99 views

CVE-2014-3074

The CVE-2014-3074 incident affects IBM AIX 6.1/7.1 (and VIOS 2.2.x) where the runtime linker allows local privilege escalation by manipulating MALLOCOPTIONS/MALLOCBUCKETS and then running a setuid program to create a root-owned 666 file. The root cause is in the malloc subsystem used by the AIX r...

7.2CVSS5.9AI score0.00576EPSS
Total number of security vulnerabilities400