Skip to main content

Powervm Hypervisor

13 CVEs product

Monthly

CVE-2025-36238 MEDIUM This Month

Powervm Hypervisor versions up to fw950.00 contains a vulnerability that allows attackers to a local user with administration privileges to obtain sensitive information from (CVSS 6.0).

IBM Powervm Hypervisor
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2025-36035 MEDIUM This Month

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service IBM Powervm Hypervisor
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-0986 MEDIUM This Month

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure IBM Powervm Hypervisor
NVD
CVSS 3.1
4.5
EPSS
0.0%
CVE-2024-41781 MEDIUM This Month

IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Powervm Hypervisor
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-25683 HIGH This Week

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure IBM Powervm Hypervisor
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-30440 HIGH This Week

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker. Rated high severity (CVSS 7.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service IBM Powervm Hypervisor
NVD
CVSS 3.1
7.9
EPSS
0.2%
CVE-2023-30438 HIGH This Week

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE IBM Powervm Hypervisor
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-34331 CRITICAL Act Now

After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass IBM Powervm Hypervisor
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-22445 MEDIUM This Month

An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Powervm Hypervisor
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-38937 MEDIUM This Month

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Powervm Hypervisor
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-38917 CRITICAL Act Now

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Powervm Hypervisor
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2021-29795 MEDIUM PATCH This Month

IBM PowerVM Hypervisor FW860, FW930, FW940, and FW950 could allow a local user to create a specially crafted sequence of hypervisor calls from a partition that could crash the system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

IBM Denial Of Service Powervm Hypervisor
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2021-20505 MEDIUM This Month

The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

IBM Microsoft Information Disclosure Powervm Hypervisor
NVD
CVSS 3.1
4.4
EPSS
0.5%
EPSS 0% CVSS 6.0
MEDIUM This Month

Powervm Hypervisor versions up to fw950.00 contains a vulnerability that allows attackers to a local user with administration privileges to obtain sensitive information from (CVSS 6.0).

IBM Powervm Hypervisor
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service IBM Powervm Hypervisor
NVD
EPSS 0% CVSS 4.5
MEDIUM This Month

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure IBM Powervm Hypervisor
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Powervm Hypervisor
NVD
EPSS 1% CVSS 7.5
HIGH This Week

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure IBM Powervm Hypervisor
NVD
EPSS 0% CVSS 7.9
HIGH This Week

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker. Rated high severity (CVSS 7.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service IBM Powervm Hypervisor
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE IBM Powervm Hypervisor
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass IBM Powervm Hypervisor
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Powervm Hypervisor
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Powervm Hypervisor
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Powervm Hypervisor
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

IBM PowerVM Hypervisor FW860, FW930, FW940, and FW950 could allow a local user to create a specially crafted sequence of hypervisor calls from a partition that could crash the system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

IBM Denial Of Service Powervm Hypervisor
NVD
EPSS 1% CVSS 4.4
MEDIUM This Month

The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

IBM Microsoft Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy