IBM : Security Vulnerabilities, CVEs, CVSS score >= 9
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
Max CVSS: 10.0 | EPSS Score: 4.41% | Published: 1998-04-01 | Updated: 2018-10-30
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Max CVSS: 10.0 | EPSS Score: 9.01% | Published: 1998-04-08 | Updated: 2018-10-30
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
Max CVSS: 10.0 | EPSS Score: 1.15% | Published: 1998-04-08 | Updated: 2018-10-30
Buffer overflow in statd allows root privileges.
Max CVSS: 10.0 | EPSS Score: 0.28% | Published: 1997-12-05 | Updated: 2018-10-30
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
Max CVSS: 10.0 | EPSS Score: 11.30% | Published: 1997-04-07 | Updated: 2022-08-17
Buffer overflow of rlogin program using TERM environmental variable.
Max CVSS: 10.0 | EPSS Score: 0.94% | Published: 1997-02-06 | Updated: 2024-02-09
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
Max CVSS: 10.0 | EPSS Score: 0.63% | Published: 1997-01-27 | Updated: 2008-09-09
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
Max CVSS: 10.0 | EPSS Score: 0.68% | Published: 1998-10-26 | Updated: 2008-09-05
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
Max CVSS: 10.0 | EPSS Score: 6.01% | Published: 1997-10-29 | Updated: 2022-08-17
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
Max CVSS: 10.0 | EPSS Score: 0.73% | Published: 1995-10-19 | Updated: 2022-08-17
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
Max CVSS: 10.0 | EPSS Score: 0.60% | Published: 1996-12-10 | Updated: 2008-09-09
Some implementations of rlogin allow root access if given a -froot parameter.
Max CVSS: 10.0 | EPSS Score: 1.58% | Published: 1994-05-23 | Updated: 2024-02-13
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
Max CVSS: 10.0 | EPSS Score: 54.79% | Published: 1995-12-12 | Updated: 2022-08-17
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
Max CVSS: 10.0 | EPSS Score: 3.17% | Published: 1999-08-18 | Updated: 2008-09-09
Buffer overflow in AIX ftpd in the libc library.
Max CVSS: 10.0 | EPSS Score: 11.46% | Published: 1999-09-28 | Updated: 2008-09-09
Denial of service in BIND named via malformed SIG records.
Max CVSS: 10.0 | EPSS Score: 1.92% | Published: 1999-11-10 | Updated: 2018-10-30
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
Max CVSS: 10.0 | EPSS Score: 0.80% | Published: 1992-04-27 | Updated: 2017-10-10
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
Max CVSS: 10.0 | EPSS Score: 0.24% | Published: 1999-02-17 | Updated: 2016-10-18
Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.
Max CVSS: 10.0 | EPSS Score: 0.58% | Published: 2000-10-20 | Updated: 2017-10-10
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Max CVSS: 10.0 | EPSS Score: 0.48% | Published: 2000-11-14 | Updated: 2018-10-30
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.
Max CVSS: 10.0 | EPSS Score: 0.31% | Published: 2000-11-14 | Updated: 2017-10-10
ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
Max CVSS: 10.0 | EPSS Score: 1.87% | Published: 2001-09-20 | Updated: 2016-10-18
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
Max CVSS: 10.0 | EPSS Score: 0.92% | Published: 2001-08-14 | Updated: 2022-01-21
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
Max CVSS: 10.0 | EPSS Score: 0.95% | Published: 2001-12-06 | Updated: 2008-09-05
CVE-2001-0797
Public exploit
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
Max CVSS: 10.0 | EPSS Score: 97.24% | Published: 2001-12-12 | Updated: 2018-10-30