CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52906 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2024-52906
25 Dec 2024 — IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. IBM AIX 7.2, 7.3, VIOS 3.1 y 4.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en la extensión del kernel TCP/IP para provocar una denegación de servicio. IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of s... • https://www.ibm.com/support/pages/node/7179826 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47102 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2024-47102
25 Dec 2024 — IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM AIX 7.2, 7.3, VIOS 3.1 y 4.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en la extensión del kernel perfstat de AIX para provocar una denegación de servicio. IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension t... • https://www.ibm.com/support/pages/node/7179826 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47115 – IBM AIX command execution
https://notcve.org/view.php?id=CVE-2024-47115
07 Dec 2024 — IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on the system due to improper neutralization of input. IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on the system due to improper neutralization of input. • https://www.ibm.com/support/pages/node/7178033 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27260 – IBM AIX command execution
https://notcve.org/view.php?id=CVE-2024-27260
16 May 2024 — IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 283985. IBM AIX podría 7.2, 7.3, VIOS 3.1 y VIOS 4.1 permitir que un usuario local sin privilegios aproveche una vulnerabilidad en el comando invscout para ejecutar comandos arbitrarios. ID de IBM X-Force: 283985. • https://exchange.xforce.ibmcloud.com/vulnerabilities/283985 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27273 – IBM AIX privilege escalation
https://notcve.org/view.php?id=CVE-2024-27273
07 May 2024 — IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903. La implementación de sockets de datagramas de dominio Unix de IBM AIX (AIX 7.2, 7.3, VIOS 3.1 y VIOS 4.1) podría exponer potencialmente aplicaciones que utilizan sockets de datagramas de dominio Unix con operación SO_PEERID y puede conducir a una escalada de p... • https://exchange.xforce.ibmcloud.com/vulnerabilities/284903 • CWE-266: Incorrect Privilege Assignment •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25021 – IBM AIX command execution
https://notcve.org/view.php?id=CVE-2024-25021
22 Feb 2024 — IBM AIX 7.3, VIOS 4.1's Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary commands. IBM X-Force ID: 281320. La implementación de Perl de IBM AIX 7.3, VIOS 4.1 podría permitir que un usuario local sin privilegios aproveche una vulnerabilidad para ejecutar comandos arbitrarios. ID de IBM X-Force: 281320. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281320 • CWE-114: Process Control •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47141 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47141
22 Jan 2024 — IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264. IIBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 270264. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270264 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-47158 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47158
22 Jan 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.1, 10.5 y 11.1 podría permitir que un usuario autenticado con privilegios CONNECT provoque una denegación de servicio mediante una consulta especialmente manipulada. ID de IBM X-Force: 270750. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270750 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-47152 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2023-47152
22 Jan 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. IBM X-Force ID: 270730. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a un algoritmo criptográfico inseguro y a la divulgación de información en el seguimiento de la pila en condiciones excepcionales. ID de IBM X-Force: 270730. IBM Db2 for Linux, UNIX and Windows (includes Db... • https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-27859 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-27859
22 Jan 2024 — IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 249205. IBM Db2 10.1, 10.5 y 11.1 podría permitir que un usuario remoto ejecute código arbitrario causado por la instalación de archivos jar con nombres similares en múltiples bases de datos. Un usuario podría aprov... • https://exchange.xforce.ibmcloud.com/vulnerabilities/249205 •