Total
813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1796 | 4 Hp, Ibm, Linux and 1 more | 5 Hp-ux, Aix, Db2 and 2 more | 2026-04-29 | 7.2 HIGH | N/A |
| Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors. | |||||
| CVE-2012-2192 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 4.9 MEDIUM | N/A |
| The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list. | |||||
| CVE-2011-1385 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 7.8 HIGH | N/A |
| IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. | |||||
| CVE-2013-4011 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 7.2 HIGH | N/A |
| Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat. | |||||
| CVE-2013-4002 | 9 Apache, Canonical, Hp and 6 more | 21 Xerces2 Java, Ubuntu Linux, Hp-ux and 18 more | 2026-04-29 | 7.1 HIGH | N/A |
| XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. | |||||
| CVE-2012-4845 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 6.8 MEDIUM | N/A |
| The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file. | |||||
| CVE-2013-3005 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 8.5 HIGH | N/A |
| The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors. | |||||
| CVE-2008-7288 | 1 Ibm | 2 Aix, Tivoli Directory Server | 2026-04-29 | 5.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation. | |||||
| CVE-2011-1222 | 2 Ibm, Microsoft | 3 Aix, Tivoli Storage Manager, Windows | 2026-04-29 | 7.2 HIGH | N/A |
| Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2010-3187 | 1 Ibm | 1 Aix | 2026-04-29 | 10.0 HIGH | N/A |
| Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. | |||||
| CVE-2012-2179 | 1 Ibm | 1 Aix | 2026-04-29 | 6.9 MEDIUM | N/A |
| libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2013-3035 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 7.1 HIGH | N/A |
| The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface. | |||||
| CVE-2012-0745 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 7.2 HIGH | N/A |
| The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2011-1375 | 1 Ibm | 1 Aix | 2026-04-29 | 4.9 MEDIUM | N/A |
| IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call. | |||||
| CVE-2010-3405 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors. | |||||
| CVE-2012-0711 | 3 Ibm, Linux, Sun | 4 Aix, Db2, Linux Kernel and 1 more | 2026-04-29 | 7.5 HIGH | N/A |
| Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | |||||
| CVE-2010-4622 | 1 Ibm | 2 Aix, Tivoli Access Manager For E-business | 2026-04-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI. | |||||
| CVE-2010-2090 | 2 Ibm, Microsoft | 3 Aix, Communications Server, Windows | 2026-04-29 | 5.0 MEDIUM | N/A |
| The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS length that is too small. | |||||
| CVE-2012-0723 | 1 Ibm | 2 Aix, Vios | 2026-04-29 | 4.9 MEDIUM | N/A |
| The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application. | |||||
| CVE-2011-3982 | 1 Ibm | 1 Aix | 2026-04-29 | 2.1 LOW | N/A |
| The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs. | |||||