Aix
by IBM
CVEs (402)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0122 | | | 0.03 | — | 0.01 | | Jul 21, 1997 | Buffer overflow in AIX lchangelv gives root access. |
| CVE-1999-0064 | | | 0.03 | — | 0.01 | | May 26, 1997 | Buffer overflow in AIX lquerylv program gives root access to local users. |
| CVE-1999-0040 | | | 0.03 | — | 0.01 | | May 1, 1997 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| CVE-1999-0112 | | | 0.03 | — | 0.01 | | May 1, 1997 | Buffer overflow in AIX dtterm program for the CDE. |
| CVE-1999-1408 | | | 0.03 | — | 0.01 | | Mar 5, 1997 | Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. |
| CVE-1999-0130 | | | 0.03 | — | 0.01 | | Nov 16, 1996 | Local users can start Sendmail in daemon mode and gain root privileges. |
| CVE-1999-0116 | | | 0.03 | — | 0.06 | | Sep 19, 1996 | Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. |
| CVE-1999-0023 | | | 0.03 | — | 0.01 | | Jul 24, 1996 | Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| CVE-2002-0679 | | | 0.02 | — | 0.23 | | Sep 5, 2002 | Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. |
| CVE-2012-4817 | | | 0.01 | — | 0.08 | | Sep 14, 2012 | The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. |
| CVE-2005-4272 | | | 0.01 | — | 0.09 | | Dec 15, 2005 | Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal. |
| CVE-2004-0368 | | | 0.01 | — | 0.11 | | May 4, 2004 | Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. |
| CVE-2003-0028 | | | 0.01 | — | 0.15 | | Mar 25, 2003 | Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in… |
| CVE-2002-0677 | | | 0.01 | — | 0.07 | | Jul 23, 2002 | CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. |
| CVE-2002-0678 | | | 0.01 | — | 0.09 | | Jul 23, 2002 | CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. |
| CVE-2002-1621 | | | 0.01 | — | 0.07 | | Apr 22, 2002 | Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code. |
| CVE-1999-0057 | | | 0.01 | — | 0.08 | | Nov 16, 1998 | Vacation program allows command execution by remote users through a sendmail command. |
| CVE-1999-0627 | | | 0.01 | — | 0.07 | | Mar 1, 1992 | The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| CVE-2025-36236 | | | 0.00 | — | 0.00 | | Nov 13, 2025 | IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system. |
| CVE-2025-36250 | | | 0.00 | — | 0.01 | | Nov 13, 2025 | IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was… |