Total
795 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8904 | 1 Ibm | 2 Aix, Vios | 2025-04-12 | 7.2 HIGH | N/A |
| lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value. | |||||
| CVE-2014-4805 | 2 Ibm, Linux | 3 Aix, Db2, Linux Kernel | 2025-04-12 | 2.1 LOW | N/A |
| IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring. | |||||
| CVE-2016-5995 | 3 Hp, Ibm, Linux | 5 Hp-ux, Aix, Db2 and 2 more | 2025-04-12 | 6.9 MEDIUM | 7.3 HIGH |
| Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program. | |||||
| CVE-2016-0281 | 1 Ibm | 2 Aix, Vios | 2025-04-12 | 4.3 MEDIUM | 3.7 LOW |
| The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. | |||||
| CVE-2015-4948 | 1 Ibm | 2 Aix, Vios | 2025-04-12 | 6.9 MEDIUM | N/A |
| netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2011-1384 | 1 Ibm | 2 Aix, Invscout.rte | 2025-04-11 | 4.0 MEDIUM | N/A |
| The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. | |||||
| CVE-2010-3187 | 1 Ibm | 1 Aix | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. | |||||
| CVE-2010-1347 | 2 Ibm, Linux | 3 Aix, Director Agent, Linux Kernel | 2025-04-11 | 7.2 HIGH | N/A |
| Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts. | |||||
| CVE-2012-2179 | 1 Ibm | 1 Aix | 2025-04-11 | 6.9 MEDIUM | N/A |
| libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2011-4160 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Operations Agent, Performance Agent and 3 more | 2025-04-11 | 3.2 LOW | N/A |
| Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. | |||||
| CVE-2013-4002 | 9 Apache, Canonical, Hp and 6 more | 21 Xerces2 Java, Ubuntu Linux, Hp-ux and 18 more | 2025-04-11 | 7.1 HIGH | N/A |
| XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. | |||||
| CVE-2011-1561 | 1 Ibm | 1 Aix | 2025-04-11 | 6.8 MEDIUM | N/A |
| The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password. | |||||
| CVE-2010-4773 | 4 Hitachi, Ibm, Linux and 1 more | 6 Eur Form Client, Eur Form Service, Ucosminexus Eur Form Service and 3 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux, and before 07-50 -/C 2010.11.15 on AIX; allows remote attackers to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2010-2594 | 7 Ibm, Intersect Alliance, Linux and 4 more | 14 Aix, Snare Agent, Snare Epilog and 11 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port. | |||||
| CVE-2012-0723 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | 4.9 MEDIUM | N/A |
| The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application. | |||||
| CVE-2012-0194 | 1 Ibm | 1 Aix | 2025-04-11 | 7.1 HIGH | N/A |
| The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets. | |||||
| CVE-2011-1385 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | 7.8 HIGH | N/A |
| IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. | |||||
| CVE-2012-4817 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | 5.0 MEDIUM | N/A |
| The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2013-5419 | 1 Ibm | 1 Aix | 2025-04-11 | 6.9 MEDIUM | N/A |
| Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership. | |||||
| CVE-2012-2200 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | 7.2 HIGH | N/A |
| The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory. | |||||