Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
IbmAix

160 matches found

CVE
CVEadded 2001/05/07 4:0 a.m.747 views

CVE-2000-1124

Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.

7.2CVSS7.1AI score0.00126EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.200 views

CVE-1999-0017

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

7.5CVSS6.3AI score0.01136EPSS
CVE
CVEadded 2003/03/25 5:0 a.m.89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS
CVE
CVEadded 2015/01/15 10:59 p.m.87 views

CVE-2014-8904

lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.

7.2CVSS6AI score0.0056EPSS
CVE
CVEadded 2024/12/07 1:19 p.m.85 views

CVE-2024-47115

IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on the system due to improper neutralization of input.

7.8CVSS7.9AI score0.00052EPSS
CVE
CVEadded 2013/07/18 4:51 p.m.84 views

CVE-2013-4011

Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.

7.2CVSS6.4AI score0.08468EPSS
CVE
CVEadded 2014/07/02 10:35 a.m.81 views

CVE-2014-3074

The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.

7.2CVSS5.9AI score0.00081EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.79 views

CVE-2017-1541

A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809.

7.5CVSS7.3AI score0.0046EPSS
CVE
CVEadded 2018/02/07 5:29 p.m.78 views

CVE-2017-1692

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067.

7.8CVSS7.1AI score0.00055EPSS
CVE
CVEadded 2017/02/15 7:59 p.m.76 views

CVE-2016-8972

IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.

7.8CVSS7.5AI score0.00627EPSS
CVE
CVEadded 2003/10/06 4:0 a.m.72 views

CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

7.5CVSS6.8AI score0.12435EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.71 views

CVE-1999-0138

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

7.2CVSS7.4AI score0.00095EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.69 views

CVE-1999-0023

Local user gains root privileges via buffer overflow in rdist, via lookup() function.

7.2CVSS8AI score0.00705EPSS
CVE
CVEadded 2002/07/23 4:0 a.m.68 views

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

7.5CVSS6.8AI score0.19026EPSS
CVE
CVEadded 2017/02/01 8:59 p.m.68 views

CVE-2016-3053

IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.

7.8CVSS7.2AI score0.03041EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.65 views

CVE-1999-0014

Unauthorized privileged access or denial of service via dtappgather program in CDE.

7.2CVSS7.4AI score0.0086EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.63 views

CVE-1999-0064

Buffer overflow in AIX lquerylv program gives root access to local users.

7.2CVSS7.5AI score0.00284EPSS
CVE
CVEadded 2005/01/06 5:0 a.m.63 views

CVE-2004-1329

Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.

7.2CVSS7.2AI score0.00424EPSS
CVE
CVEadded 2013/06/21 2:55 p.m.63 views

CVE-2013-3035

The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface.

7.1CVSS6.2AI score0.06657EPSS
CVE
CVEadded 2017/02/15 7:59 p.m.62 views

CVE-2016-6079

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.

7.8CVSS7.2AI score0.02047EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.61 views

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

7.8CVSS7.4AI score0.00254EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.61 views

CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2CVSS6.2AI score0.0043EPSS
CVE
CVEadded 2017/02/02 10:59 p.m.61 views

CVE-2017-1093

IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulnerability in the bellmail binary to gain root privileges.

7.8CVSS7.4AI score0.00047EPSS
CVE
CVEadded 2008/06/02 9:30 p.m.60 views

CVE-2008-2513

Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors.

7.2CVSS6.9AI score0.00107EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.57 views

CVE-1999-0085

Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.

7.5CVSS8.7AI score0.04745EPSS
CVE
CVEadded 2005/07/12 4:0 a.m.57 views

CVE-2005-2236

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.

7.2CVSS7.7AI score0.00608EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.56 views

CVE-1999-0041

Buffer overflow in NLS (Natural Language Service).

7.5CVSS7.7AI score0.07175EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.56 views

CVE-1999-0055

Buffer overflows in Sun libnsl allow root access.

7.2CVSS7.5AI score0.0008EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.56 views

CVE-1999-0112

Buffer overflow in AIX dtterm program for the CDE.

7.2CVSS7.7AI score0.03656EPSS
CVE
CVEadded 2023/01/18 7:15 p.m.56 views

CVE-2022-47990

IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556.

7.8CVSS7.1AI score0.00016EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.55 views

CVE-1999-0072

Buffer overflow in AIX xdat gives root access to local users.

7.2CVSS7.5AI score0.00071EPSS
CVE
CVEadded 2006/06/15 8:0 p.m.55 views

CVE-1999-1589

Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.

7.2CVSS6.7AI score0.00057EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.54 views

CVE-1999-0093

AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.

7.2CVSS6.6AI score0.00067EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.54 views

CVE-1999-0131

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

7.2CVSS6.8AI score0.00096EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.54 views

CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

7.5CVSS7.3AI score0.07295EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.54 views

CVE-2004-0545

LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.

7.2CVSS6.4AI score0.0005EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.53 views

CVE-1999-0090

Buffer overflow in AIX rcp command allows local users to obtain root access.

7.2CVSS7.4AI score0.00071EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS
CVE
CVEadded 2005/04/21 4:0 a.m.52 views

CVE-2000-1216

Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.

7.2CVSS7.2AI score0.00517EPSS
CVE
CVEadded 2012/02/06 8:55 p.m.52 views

CVE-2012-0194

The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets.

7.1CVSS6.3AI score0.01658EPSS
CVE
CVEadded 2000/06/02 4:0 a.m.51 views

CVE-1999-0118

AIX infod allows local users to gain root access through an X display.

7.2CVSS7.4AI score0.01244EPSS
CVE
CVEadded 2001/01/22 5:0 a.m.51 views

CVE-2000-1120

Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.

7.2CVSS7.2AI score0.00209EPSS
CVE
CVEadded 2009/08/05 7:30 p.m.51 views

CVE-2009-2669

A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permission...

7.2CVSS6.3AI score0.00077EPSS
CVE
CVEadded 2021/06/17 4:15 p.m.51 views

CVE-2021-29706

IBM AIX 7.1 could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service. IBM X-Force ID: 200663.

7.1CVSS6.6AI score0.00036EPSS
CVE
CVEadded 2001/05/07 4:0 a.m.50 views

CVE-1999-0115

AIX bugfiler program allows local users to gain root access.

7.2CVSS7.4AI score0.01244EPSS
CVE
CVEadded 2007/09/10 9:17 p.m.50 views

CVE-2007-4797

Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.

7.2CVSS6.8AI score0.00051EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.49 views

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

7.2CVSS7.9AI score0.003EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.49 views

CVE-1999-0130

Local users can start Sendmail in daemon mode and gain root privileges.

7.2CVSS7AI score0.00886EPSS
CVE
CVEadded 2005/07/14 4:0 a.m.49 views

CVE-2001-1529

Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.

7.5CVSS7AI score0.8072EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.49 views

CVE-2003-0954

Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.

7.2CVSS7.3AI score0.00075EPSS
Total number of security vulnerabilities160