Show filters
8,080 Total Results
Displaying 11-20 of 8,080
Sort by:
Attacker Value
Very Low
CVE-2019-4473
Disclosure Date: August 05, 2019 (last updated November 27, 2024)
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.
1
Attacker Value
Very Low
CVE-2018-1890
Disclosure Date: March 11, 2019 (last updated November 27, 2024)
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
1
Attacker Value
Moderate
CVE-2018-1655
Disclosure Date: June 22, 2018 (last updated November 26, 2024)
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748.
1
Attacker Value
Unknown
CVE-2017-1274
Disclosure Date: April 25, 2017 (last updated November 26, 2024)
IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.
1
Attacker Value
Moderate
Heap overflow in glibc 2.2 name resolution (CVE-2015-0235)
Disclosure Date: January 28, 2015 (last updated October 05, 2023)
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
1
Attacker Value
Very High
CVE-2014-3074
Disclosure Date: July 02, 2014 (last updated October 05, 2023)
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.
1
Attacker Value
Very High
CVE-2014-3977
Disclosure Date: June 08, 2014 (last updated October 05, 2023)
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
1
Attacker Value
Very High
CVE-2014-2591
Disclosure Date: May 14, 2014 (last updated October 05, 2023)
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
1
Attacker Value
Very High
CVE-2014-0930
Disclosure Date: May 08, 2014 (last updated October 05, 2023)
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.
1
Attacker Value
Very High
CVE-2013-4011
Disclosure Date: July 18, 2013 (last updated October 05, 2023)
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
1
