Every CVE whose affected-product data names Ibm Aix, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2000-0844 — CVSS 10.0 (critical): Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local…
CVE-2009-3699 — CVSS 10.0 (critical): Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1…
CVE-2002-1621 — CVSS 10.0 (critical): Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
CVE-2009-3517 — CVSS 10.0 (critical): nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers…
CVE-2002-1689 — CVSS 10.0 (critical): Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when…
CVE-2002-1690 — CVSS 10.0 (critical): Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225.
CVE-1999-0048 — CVSS 10.0 (critical): Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
CVE-2002-0679 — CVSS 10.0 (critical): Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute…
CVE-2003-0170 — CVSS 10.0 (critical): Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain…
CVE-2002-0743 — CVSS 10.0 (critical): mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
CVE-2003-0694 — CVSS 10.0 (critical): The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated…
CVE-2002-0744 — CVSS 10.0 (critical): namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.
CVE-2003-0784 — CVSS 10.0 (critical): Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login…
CVE-2006-5008 — CVSS 10.0 (critical): Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files…
CVE-2004-0368 — CVSS 10.0 (critical): Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary…
CVE-2004-2388 — CVSS 10.0 (critical): rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be…
CVE-2005-4272 — CVSS 10.0 (critical): Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
CVE-2010-3187 — CVSS 10.0 (critical): Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
CVE-2005-1037 — CVSS 10.0 (critical): Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
CVE-2001-1440 — CVSS 10.0 (critical): Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the…
CVE-1999-0745 — CVSS 10.0 (critical): Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
CVE-1999-1405 — CVSS 10.0 (critical): snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the…
CVE-2010-1039 — CVSS 10.0 (critical): Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier…
CVE-2025-36250 — CVSS 10.0 (critical): IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to…
CVE-1999-0097 — CVSS 10.0 (critical): The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
CVE-1999-0101 — CVSS 10.0 (critical): Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
CVE-2024-56346 — CVSS 10.0 (critical): IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls.
CVE-2001-0554 — CVSS 10.0 (critical): Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a…
CVE-2001-0671 — CVSS 10.0 (critical): Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root…
CVE-2001-0797 — CVSS 10.0 (critical): Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large…
CVE-2001-1080 — CVSS 10.0 (critical): diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to…
CVE-2025-36251 — CVSS 9.6 (critical): IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary…
CVE-2024-56347 — CVSS 9.6 (critical): IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improper…
CVE-2009-2727 — CVSS 9.3 (critical): Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through…
CVE-2018-1383 — CVSS 9.1 (critical): A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one…
CVE-2025-36096 — CVSS 9.0 (critical): IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to…
CVE-2022-22351 — CVSS 8.6 (high): IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause…
CVE-2013-3005 — CVSS 8.5 (high): The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass…
CVE-2023-45170 — CVSS 8.4 (high): IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate…
CVE-2023-45168 — CVSS 8.4 (high): IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute…
CVE-2023-45166 — CVSS 8.4 (high): IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piodmgrsu command to obtain…
CVE-2025-33112 — CVSS 8.4 (high): IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary…
CVE-2024-25021 — CVSS 8.4 (high): IBM AIX 7.3, VIOS 4.1's Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary…
CVE-2023-45174 — CVSS 8.4 (high): IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges…
CVE-2022-41290 — CVSS 8.4 (high): IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to…
CVE-2024-27260 — CVSS 8.4 (high): IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to…
CVE-2023-28528 — CVSS 8.4 (high): IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute…
CVE-2023-26286 — CVSS 8.4 (high): IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library…
CVE-2025-36236 — CVSS 8.2 (high): IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to…
CVE-2024-27273 — CVSS 8.1 (high): IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using…
CVE-2021-29801 — CVSS 7.8 (high): IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges…
CVE-2024-47115 — CVSS 7.8 (high): IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on the system due to improper neutralization…
CVE-2010-0922 — CVSS 7.8 (high): Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP 5300-11-02 allows attackers to cause a denial of service (LDAP login…
CVE-2022-36768 — CVSS 7.8 (high): IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain…
CVE-2022-34356 — CVSS 7.8 (high): IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root…
CVE-2017-1692 — CVSS 7.8 (high): IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level…
CVE-2016-6079 — CVSS 7.8 (high): IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level…
CVE-2017-1093 — CVSS 7.8 (high): IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulnerability in the bellmail binary to gain root privileges.
CVE-2016-8972 — CVSS 7.8 (high): IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client…
CVE-2016-3053 — CVSS 7.8 (high): IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.
CVE-2011-1385 — CVSS 7.8 (high): IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo…
CVE-2021-29741 — CVSS 7.8 (high): IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. IBM X-Force…
CVE-2010-1124 — CVSS 7.8 (high): bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call…
CVE-2021-38991 — CVSS 7.8 (high): IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the lscore command which could…
CVE-2009-1954 — CVSS 7.8 (high): Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via…
CVE-2021-38990 — CVSS 7.8 (high): IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to…
CVE-2020-4829 — CVSS 7.8 (high): IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM…
CVE-2002-0677 — CVSS 7.5 (high): CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain…
CVE-2002-1622 — CVSS 7.5 (high): Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type."
CVE-2003-0028 — CVSS 7.5 (high): Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived…
CVE-2003-0064 — CVSS 7.5 (high): The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to…
CVE-2003-0119 — CVSS 7.5 (high): The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote…
CVE-2003-0681 — CVSS 7.5 (high): A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3)…
CVE-1999-0017 — CVSS 7.5 (high): FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-2007-0618 — CVSS 7.5 (high): Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors…
CVE-2006-4254 — CVSS 7.5 (high): Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.
CVE-1999-0337 — CVSS 7.5 (high): AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
CVE-2005-3504 — CVSS 7.5 (high): Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute…
CVE-2005-3396 — CVSS 7.5 (high): Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute…
CVE-1999-0687 — CVSS 7.5 (high): The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVE-1999-0085 — CVSS 7.5 (high): Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long…
CVE-1999-0903 — CVSS 7.5 (high): genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
CVE-1999-1574 — CVSS 7.5 (high): Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code…
CVE-2001-1529 — CVSS 7.5 (high): Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack…
CVE-2025-36244 — CVSS 7.4 (high): IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files…
CVE-2017-1541 — CVSS 7.3 (high): A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy…
CVE-2025-62230 — CVSS 7.3 (high): A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees…
CVE-2025-62231 — CVSS 7.3 (high): A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function…
CVE-1999-0318 — CVSS 7.2 (high): Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
CVE-1999-0131 — CVSS 7.2 (high): Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVE-1999-0138 — CVSS 7.2 (high): The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
CVE-1999-0691 — CVSS 7.2 (high): Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
CVE-1999-0693 — CVSS 7.2 (high): Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVE-1999-1013 — CVSS 7.2 (high): named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and…
CVE-1999-1121 — CVSS 7.2 (high): The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.
CVE-1999-1208 — CVSS 7.2 (high): Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument.
CVE-1999-1487 — CVSS 7.2 (high): Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
CVE-1999-1552 — CVSS 7.2 (high): dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to…
CVE-1999-1583 — CVSS 7.2 (high): Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
CVE-1999-1589 — CVSS 7.2 (high): Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
CVE-2000-0249 — CVSS 7.2 (high): The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the…
CVE-2000-1120 — CVSS 7.2 (high): Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.
CVE-2000-1121 — CVSS 7.2 (high): Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
CVE-2000-1122 — CVSS 7.2 (high): Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument.
CVE-2000-1123 — CVSS 7.2 (high): Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.
CVE-2000-1124 — CVSS 7.2 (high): Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
CVE-2000-1216 — CVSS 7.2 (high): Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.
CVE-2000-1222 — CVSS 7.2 (high): AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by…
CVE-2001-0533 — CVSS 7.2 (high): Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental…
CVE-2001-1329 — CVSS 7.2 (high): Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
CVE-2001-1330 — CVSS 7.2 (high): Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
CVE-2002-0678 — CVSS 7.2 (high): CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file…
CVE-2002-1548 — CVSS 7.2 (high): Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly…
CVE-2003-0257 — CVSS 7.2 (high): Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges.
CVE-2003-0697 — CVSS 7.2 (high): Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause…
CVE-2003-1018 — CVSS 7.2 (high): Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via…
CVE-2004-0544 — CVSS 7.2 (high): Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
CVE-2004-0545 — CVSS 7.2 (high): LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-1028 — CVSS 7.2 (high): Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by…
CVE-2004-1054 — CVSS 7.2 (high): Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying…
CVE-2004-1329 — CVSS 7.2 (high): Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through…
CVE-2004-1330 — CVSS 7.2 (high): Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
CVE-2004-2312 — CVSS 7.2 (high): Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument.
CVE-2005-0240 — CVSS 7.2 (high): Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command…
CVE-2005-0250 — CVSS 7.2 (high): Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string…
CVE-2005-0262 — CVSS 7.2 (high): Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
CVE-2005-0263 — CVSS 7.2 (high): Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
CVE-2005-2233 — CVSS 7.2 (high): Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command…
CVE-2005-2235 — CVSS 7.2 (high): Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long…
CVE-2005-2236 — CVSS 7.2 (high): Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute…
CVE-2005-3060 — CVSS 7.2 (high): Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
CVE-2005-3749 — CVSS 7.2 (high): Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack…
CVE-2005-4068 — CVSS 7.2 (high): Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown…
CVE-2005-4271 — CVSS 7.2 (high): Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
CVE-2006-1246 — CVSS 7.2 (high): Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls…
CVE-2006-2647 — CVSS 7.2 (high): Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via…
CVE-2006-4416 — CVSS 7.2 (high): Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path…
CVE-2006-4522 — CVSS 7.2 (high): Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code with root privileges via…
CVE-2006-5003 — CVSS 7.2 (high): Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified…
CVE-2006-5005 — CVSS 7.2 (high): Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified…
CVE-2006-5006 — CVSS 7.2 (high): Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.
CVE-2006-5009 — CVSS 7.2 (high): Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary…
CVE-2006-5010 — CVSS 7.2 (high): Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to…
CVE-2006-5011 — CVSS 7.2 (high): Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan…
CVE-2007-0978 — CVSS 7.2 (high): Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.
CVE-2007-1798 — CVSS 7.2 (high): Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute…
CVE-2007-3680 — CVSS 7.2 (high): Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary…
CVE-2007-4217 — CVSS 7.2 (high): Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long…
CVE-2007-4354 — CVSS 7.2 (high): Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
CVE-2007-4355 — CVSS 7.2 (high): Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
CVE-2007-4513 — CVSS 7.2 (high): Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p"…
CVE-2007-4621 — CVSS 7.2 (high): Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
CVE-2007-4622 — CVSS 7.2 (high): Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to…
CVE-2007-4623 — CVSS 7.2 (high): Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a…
CVE-2007-4791 — CVSS 7.2 (high): Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified…