Vulnerabilities > IBM > AIX > 5.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-22 | CVE-2018-1655 | Information Exposure vulnerability in IBM AIX IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. | 5.5 |
| 2018-02-07 | CVE-2017-1692 | Unspecified vulnerability in IBM AIX IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. | 7.8 |
| 2017-10-04 | CVE-2017-1541 | Improper Input Validation vulnerability in IBM AIX A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. | 7.3 |
| 2017-02-15 | CVE-2016-6079 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. | 7.8 |
| 2016-09-26 | CVE-2016-6038 | Path Traversal vulnerability in IBM AIX 5.3/6.1/7.1 Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL. | 6.5 |
| 2016-08-08 | CVE-2016-0281 | Improper Input Validation vulnerability in IBM AIX and Vios The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. | 3.7 |
| 2016-08-08 | CVE-2016-0266 | 7PK - Security Features vulnerability in IBM AIX and Vios IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. | 3.7 |
| 2014-10-15 | CVE-2014-3566 | Cryptographic Issues vulnerability in multiple products The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | 3.4 |