Vulnerabilities > IBM > Vios > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-26 | CVE-2021-29862 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. | 4.9 |
| 2020-11-20 | CVE-2020-4788 | IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. | 4.7 |
| 2016-08-08 | CVE-2016-0281 | Improper Input Validation vulnerability in IBM AIX and Vios The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. | 4.3 |
| 2016-08-08 | CVE-2016-0266 | 7PK - Security Features vulnerability in IBM AIX and Vios IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. | 4.3 |
| 2015-10-16 | CVE-2015-4948 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. | 6.9 |
| 2014-06-08 | CVE-2014-3977 | Link Following vulnerability in IBM AIX and Vios libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | 6.9 |
| 2014-05-08 | CVE-2014-0930 | Unspecified vulnerability in IBM AIX and Vios The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation. local ibm | 4.7 |
| 2012-10-20 | CVE-2012-4845 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file. | 6.8 |
| 2012-09-14 | CVE-2012-4817 | Unspecified vulnerability in IBM AIX and Vios The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. | 5.0 |
| 2012-07-30 | CVE-2012-0723 | Improper Input Validation vulnerability in IBM AIX and Vios The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application. | 4.9 |