Show filters
84 Total Results
Displaying 1-10 of 84
Sort by:
Attacker Value
Moderate

CVE-2018-1655

Disclosure Date: June 22, 2018 (last updated November 26, 2024)
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748.
1
1
Attacker Value
Very High

CVE-2014-3074

Disclosure Date: July 02, 2014 (last updated October 05, 2023)
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.
1
1
Attacker Value
Very High

CVE-2014-3977

Disclosure Date: June 08, 2014 (last updated October 05, 2023)
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
1
1
Attacker Value
Very High

CVE-2014-0930

Disclosure Date: May 08, 2014 (last updated October 05, 2023)
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.
1
1
Attacker Value
Very High

CVE-2013-4011

Disclosure Date: July 18, 2013 (last updated October 05, 2023)
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
1
1
Attacker Value
Unknown

CVE-2014-3566

Disclosure Date: October 15, 2014 (last updated November 25, 2024)
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
1
0
Attacker Value
Unknown

CVE-2018-1383

Disclosure Date: February 13, 2018 (last updated November 26, 2024)
A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117.
0
0
Attacker Value
Unknown

CVE-2017-1692

Disclosure Date: February 07, 2018 (last updated November 26, 2024)
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067.
0
0
Attacker Value
Unknown

CVE-2017-1541

Disclosure Date: October 04, 2017 (last updated November 26, 2024)
A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809.
0
0
Attacker Value
Unknown

CVE-2016-8972

Disclosure Date: February 15, 2017 (last updated November 26, 2024)
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.
0
0
View More Topics  Next >