Show filters
73 Total Results
Displaying 1-10 of 73
Sort by:
Attacker Value
Moderate

CVE-2018-1655

Disclosure Date: June 22, 2018 (last updated November 26, 2024)
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748.
1
1
Attacker Value
Very High

CVE-2014-3074

Disclosure Date: July 02, 2014 (last updated October 05, 2023)
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.
1
1
Attacker Value
Very High

CVE-2014-3977

Disclosure Date: June 08, 2014 (last updated October 05, 2023)
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
1
1
Attacker Value
Very High

CVE-2014-0930

Disclosure Date: May 08, 2014 (last updated October 05, 2023)
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.
1
1
Attacker Value
Very High

CVE-2013-4011

Disclosure Date: July 18, 2013 (last updated October 05, 2023)
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
1
1
Attacker Value
Unknown

CVE-2020-4887

Disclosure Date: January 19, 2021 (last updated November 28, 2024)
IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.
Attack Vector: LocalPrivileges: LowUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2014-3566

Disclosure Date: October 15, 2014 (last updated November 25, 2024)
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
1
0
Attacker Value
Unknown

CVE-2023-28528

Disclosure Date: April 28, 2023 (last updated October 08, 2023)
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-26286

Disclosure Date: April 26, 2023 (last updated October 08, 2023)
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library to execute arbitrary commands. IBM X-Force ID: 248421.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-47990

Disclosure Date: January 18, 2023 (last updated November 08, 2023)
IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556.  
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  Next >