CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 1CVE-2023-28528 – IBM AIX command execution
https://notcve.org/view.php?id=CVE-2023-28528
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207. • http://packetstormsecurity.com/files/172458/IBM-AIX-7.2-inscout-Privilege-Escalation.html https://exchange.xforce.ibmcloud.com/vulnerabilities/251207 https://www.ibm.com/support/pages/node/6983232 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1691 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/aix/local/invscout_rpm_priv_esc.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-26286 – IBM AIX privilege escalation
https://notcve.org/view.php?id=CVE-2023-26286
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library to execute arbitrary commands. IBM X-Force ID: 248421. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248421 https://www.ibm.com/support/pages/node/6983236 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-47990 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2022-47990
IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556. IBM AIX 7.1, 7.2, 7.3 y VIOS, 3.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en X11 para provocar un desbordamiento del búfer que podría provocar una denegación de servicio o la ejecución de código arbitrario. ID de IBM X-Force: 243556. • https://exchange.xforce.ibmcloud.com/vulnerabilities/243556 https://www.ibm.com/support/pages/node/6855827 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41290 – IBM AIX privilege escalation
https://notcve.org/view.php?id=CVE-2022-41290
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690. IBM AIX 7.1, 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en el comando rm_rlcache_file para obtener privilegios de root. ID de IBM X-Force: 236690. • https://exchange.xforce.ibmcloud.com/vulnerabilities/236690 https://www.ibm.com/support/pages/node/6847917 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39164 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2022-39164
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181. IBM AIX 7.1, 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en el kernel de AIX para provocar una denegación de servicio. ID de IBM X-Force: 235181. • https://exchange.xforce.ibmcloud.com/vulnerabilities/235181 https://www.ibm.com/support/pages/node/6847947 • CWE-400: Uncontrolled Resource Consumption •