Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Vios
Total 73 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-29741 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH 7.8 HIGH
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. IBM X-Force ID: 201478.
CVE-2021-29727 1 Ibm 2 Aix, Vios 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 201106.
CVE-2021-29862 1 Ibm 2 Aix, Vios 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 206086.
CVE-2021-29801 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH 7.8 HIGH
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. IBM X-Force ID: 203977.
CVE-2020-4829 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH 7.8 HIGH
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM X-Force ID: 189960.
CVE-2020-4788 3 Fedoraproject, Ibm, Oracle 7 Fedora, Aix, Power9 and 4 more 2024-02-28 1.9 LOW 4.7 MEDIUM
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2020-4887 1 Ibm 2 Aix, Vios 2024-02-28 2.1 LOW 5.5 MEDIUM
IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.
CVE-2016-8972 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH 7.8 HIGH
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.
CVE-2016-6079 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH 7.8 HIGH
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.
CVE-2015-4948 1 Ibm 2 Aix, Vios 2024-02-28 6.9 MEDIUM N/A
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.
CVE-2016-0266 1 Ibm 2 Aix, Vios 2024-02-28 4.3 MEDIUM 3.7 LOW
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
CVE-2016-0281 1 Ibm 2 Aix, Vios 2024-02-28 4.3 MEDIUM 3.7 LOW
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.
CVE-2014-3566 11 Apple, Debian, Fedoraproject and 8 more 20 Mac Os X, Debian Linux, Fedora and 17 more 2024-02-28 4.3 MEDIUM 3.4 LOW
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
CVE-2014-0930 1 Ibm 2 Aix, Vios 2024-02-28 4.7 MEDIUM N/A
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.
CVE-2014-8904 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH N/A
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.
CVE-2014-3977 1 Ibm 2 Aix, Vios 2024-02-28 6.9 MEDIUM N/A
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
CVE-2014-3074 1 Ibm 2 Aix, Vios 2024-02-28 7.2 HIGH N/A
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.
CVE-2012-4833 1 Ibm 2 Aix, Vios 2024-02-28 2.1 LOW N/A
fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.
CVE-2013-3035 1 Ibm 2 Aix, Vios 2024-02-28 7.1 HIGH N/A
The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface.
CVE-2012-4817 1 Ibm 2 Aix, Vios 2024-02-28 5.0 MEDIUM N/A
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.