Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-0281 |
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. Published: August 07, 2016; 9:59:02 PM -0400 |
V4.0:(not available) V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2016-0266 |
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. Published: August 07, 2016; 9:59:00 PM -0400 |
V4.0:(not available) V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2014-8904 |
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value. Published: January 15, 2015; 5:59:03 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2014-3566 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. Published: October 14, 2014; 8:55:02 PM -0400 |
V4.0:(not available) V3.1: 3.4 LOW V2.0: 4.3 MEDIUM |
CVE-2014-3074 |
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. Published: July 02, 2014; 6:35:25 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2014-3977 |
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179. Published: June 08, 2014; 7:55:04 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.9 MEDIUM |