Total
701 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-1292 | 2 Ibm, Unix | 3 Aix, Rational Clearcase, Unix | 2023-12-10 | 2.1 LOW | N/A |
UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process. | |||||
CVE-2008-2514 | 1 Ibm | 1 Aix | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown attack vectors. | |||||
CVE-2009-0370 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files." | |||||
CVE-2009-0779 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string." | |||||
CVE-2009-2669 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1. | |||||
CVE-2008-1598 | 1 Ibm | 1 Aix | 2023-12-10 | 4.7 MEDIUM | N/A |
The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors. | |||||
CVE-2009-1355 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. | |||||
CVE-2009-1522 | 2 Ibm, Microsoft | 3 Aix, Tivoli Storage Manager Client, Windows | 2023-12-10 | 7.1 HIGH | N/A |
The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 on AIX and Windows, when SSL is used, allows remote attackers to conduct unspecified man-in-the-middle attacks and read arbitrary files via unknown vectors. | |||||
CVE-2008-1601 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges. | |||||
CVE-2009-1954 | 1 Ibm | 1 Aix | 2023-12-10 | 7.8 HIGH | N/A |
Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via unknown vectors, related to libtli. | |||||
CVE-2008-4018 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805. | |||||
CVE-2008-1597 | 1 Ibm | 1 Aix | 2023-12-10 | 4.9 MEDIUM | N/A |
The WPAR system call implementation in the kernel in IBM AIX 6.1 allows local users to cause a denial of service via unknown calls that trigger "undefined behavior." | |||||
CVE-2007-5764 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option. | |||||
CVE-2007-4797 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors. | |||||
CVE-2006-5010 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program. | |||||
CVE-2007-1913 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | |||||
CVE-2007-4228 | 1 Ibm | 1 Aix | 2023-12-10 | 4.7 MEDIUM | N/A |
rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port logical name (-l) argument. | |||||
CVE-2007-0618 | 1 Ibm | 1 Aix | 2023-12-10 | 7.5 HIGH | N/A |
Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability." | |||||
CVE-2007-0392 | 1 Ibm | 1 Aix | 2023-12-10 | 4.6 MEDIUM | N/A |
IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. | |||||
CVE-2007-4798 | 1 Ibm | 1 Aix | 2023-12-10 | 6.6 MEDIUM | N/A |
Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix". |