Lucene search

K

79 matches found

CVE
CVE
added 2009/10/15 10:30 a.m.55 views

CVE-2009-3699

Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.

10CVSS7.6AI score0.78521EPSS
CVE
CVE
added 2021/11/17 2:15 p.m.55 views

CVE-2021-29861

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information. IBM X-Force ID: 206085.

6.2CVSS5.8AI score0.00108EPSS
CVE
CVE
added 2024/12/25 3:15 p.m.54 views

CVE-2024-52906

IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service.

5.5CVSS5.2AI score0.0002EPSS
CVE
CVE
added 2014/06/08 11:55 p.m.53 views

CVE-2014-3977

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.

6.9CVSS6AI score0.00223EPSS
CVE
CVE
added 2016/08/08 1:59 a.m.53 views

CVE-2016-0266

IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

4.3CVSS3.7AI score0.007EPSS
CVE
CVE
added 2012/10/20 10:41 a.m.52 views

CVE-2012-4845

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.

6.8CVSS6.1AI score0.00569EPSS
CVE
CVE
added 2023/12/13 11:15 p.m.52 views

CVE-2023-45174

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. IBM X-Force ID: 267972.

8.4CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2024/12/25 3:15 p.m.52 views

CVE-2024-47102

IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service.

5.5CVSS5.2AI score0.00029EPSS
CVE
CVE
added 2022/01/10 2:10 p.m.50 views

CVE-2021-38990

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.

8.4CVSS7.3AI score0.00103EPSS
CVE
CVE
added 2010/05/20 5:30 p.m.49 views

CVE-2010-1039

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request con...

10CVSS7.4AI score0.26547EPSS
CVE
CVE
added 2012/06/27 10:18 a.m.48 views

CVE-2012-2200

The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory.

7.2CVSS6.4AI score0.00114EPSS
CVE
CVE
added 2021/06/28 4:15 p.m.48 views

CVE-2021-29693

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon. IBM X-Force ID: 200255.

4.9CVSS4.4AI score0.00102EPSS
CVE
CVE
added 2012/05/04 4:55 p.m.47 views

CVE-2012-0745

The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.

7.2CVSS6.1AI score0.00082EPSS
CVE
CVE
added 2021/01/20 3:15 p.m.47 views

CVE-2020-4887

IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.

6.2CVSS5.5AI score0.00042EPSS
CVE
CVE
added 2010/03/10 10:30 p.m.46 views

CVE-2010-0960

Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00069EPSS
CVE
CVE
added 2012/06/20 10:27 a.m.45 views

CVE-2012-2192

The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.

4.9CVSS6AI score0.00062EPSS
CVE
CVE
added 2016/08/08 1:59 a.m.45 views

CVE-2016-0281

The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.

4.3CVSS4.1AI score0.02821EPSS
CVE
CVE
added 2012/09/14 11:55 p.m.44 views

CVE-2012-4817

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.

5CVSS6.6AI score0.02437EPSS
CVE
CVE
added 2012/10/01 6:55 p.m.44 views

CVE-2012-4833

fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.

2.1CVSS6AI score0.00054EPSS
CVE
CVE
added 2024/01/11 3:15 a.m.44 views

CVE-2023-45169

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service. IBM X-Force ID: 267967.

6.2CVSS5AI score0.00025EPSS
CVE
CVE
added 2024/01/11 3:15 a.m.43 views

CVE-2023-45171

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. IBM X-Force ID: 267969.

6.2CVSS5AI score0.00024EPSS
CVE
CVE
added 2012/07/30 7:55 p.m.41 views

CVE-2012-0723

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

4.9CVSS5.8AI score0.00065EPSS
CVE
CVE
added 2023/12/01 3:15 p.m.41 views

CVE-2023-45168

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 267966.

8.4CVSS7.9AI score0.00069EPSS
CVE
CVE
added 2010/09/16 9:0 p.m.40 views

CVE-2010-3405

Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.

6.8CVSS6.4AI score0.00061EPSS
CVE
CVE
added 2012/03/02 10:55 p.m.39 views

CVE-2011-1385

IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.

7.8CVSS6.2AI score0.0527EPSS
CVE
CVE
added 2010/03/10 10:30 p.m.34 views

CVE-2010-0961

Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00069EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.34 views

CVE-2025-33112

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input.

8.4CVSS8.4AI score0.0003EPSS
CVE
CVE
added 2023/12/19 11:15 p.m.33 views

CVE-2023-45172

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970.

6.2CVSS5.6AI score0.00016EPSS
CVE
CVE
added 2024/01/11 2:15 a.m.33 views

CVE-2023-45173

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. IBM X-Force ID: 267971.

6.2CVSS5AI score0.00025EPSS
Total number of security vulnerabilities79