VYPR

Vios

by IBM

CVEs (83)

  • CVE-2021-29862Aug 26, 2021
    risk 0.00cvss epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 206086.

  • CVE-2021-29801Aug 26, 2021
    risk 0.00cvss epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. IBM X-Force ID: 203977.

  • CVE-2021-29727Aug 26, 2021
    risk 0.00cvss epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 201106.

  • CVE-2021-29741Aug 2, 2021
    risk 0.00cvss epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. IBM X-Force ID: 201478.

  • CVE-2021-29693Jun 28, 2021
    risk 0.00cvss epss 0.01

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon. IBM X-Force ID: 200255.

  • CVE-2020-4887Jan 20, 2021
    risk 0.00cvss epss 0.00

    IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.

  • CVE-2020-4829Dec 10, 2020
    risk 0.00cvss epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM X-Force ID: 189960.

  • CVE-2020-4788Nov 20, 2020
    risk 0.00cvss epss 0.00

    IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

  • CVE-2015-4948Oct 16, 2015
    risk 0.00cvss epss 0.00

    netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

  • CVE-2014-3074Jul 2, 2014
    risk 0.00cvss epss 0.01

    The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.

  • CVE-2014-0930May 8, 2014
    risk 0.00cvss epss 0.00

    The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.

  • CVE-2013-3005Jul 6, 2013
    risk 0.00cvss epss 0.03

    The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors.

  • CVE-2013-3035Jun 21, 2013
    risk 0.00cvss epss 0.04

    The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface.

  • CVE-2012-4845Oct 20, 2012
    risk 0.00cvss epss 0.02

    The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.

  • CVE-2012-4833Oct 1, 2012
    risk 0.00cvss epss 0.00

    fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.

  • CVE-2012-0723Jul 30, 2012
    risk 0.00cvss epss 0.00

    The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

  • CVE-2012-2200Jun 27, 2012
    risk 0.00cvss epss 0.00

    The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory.

  • CVE-2012-2192Jun 20, 2012
    risk 0.00cvss epss 0.00

    The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.

  • CVE-2012-0745May 4, 2012
    risk 0.00cvss epss 0.00

    The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.

  • CVE-2011-1385Mar 2, 2012
    risk 0.00cvss epss 0.04

    IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.

Page 4 of 5