Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.0.5)

The version of AOS installed on the remote host is prior to 7.3.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.0.5 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103068)

The version of AHV installed on the remote host is prior to 20230302.103068. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103068 advisory. - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17,...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.3)

The version of AHV installed on the remote host is prior to AHV-10.0.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.3 advisory. - LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting application...

Linux Distros Unpatched Vulnerability : CVE-2025-24031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pampkcs11 module segfaults when a use...

linux-pam: Incomplete fix for CVE-2025-6020

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

ALSA-2025:14557 Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-22365 DESCRIPTION: Linux-pam is vulnerable to a denial of service, caused by ...

SUSE CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

DEBIAN-CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

UBUNTU-CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

CVE-2025-8941

CVE-2025-8941 affects linux-pam pam_namespace, which may mishandle user-controlled paths, enabling local privilege escalation via symlink attacks and race conditions. The issue is described as an incomplete/overlapping fix for CVE-2025-6020 and is reflected in multiple advisories across Red Hat, ...

CVE-2025-8941 Linux-pam: incomplete fix for cve-2025-6020

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

Linux-pam 路径遍历漏洞

Linux-pam is a pluggable-supported system authentication software for Linux from the Linux Foundation in the United States. Linux-pam suffers from a path traversal vulnerability that stems from the pamnamespace module improperly handling user-controlled paths, which could lead to elevation of...

PT-2025-33007

Name of the Vulnerable Software and Affected Versions linux-pam affected versions not specified Description The Pluggable Authentication Modules PAM framework contains a flaw in the pam namespace module. This module improperly handles user-controlled paths, potentially allowing local users to...

ROOT-OS-ALPINE-319-CVE-2024-22365 CVE-2024-22365 in rootio-linux-pam - Patched by Root

Root has patched CVE-2024-22365 in the rootio-linux-pam package for Root:Alpine:3.19. Multiple fixed versions available...

Medium: pam

Issue Overview: A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. CVE-2025-6020 Affected Packages: pam Issue Correction:...

Linux Distros Unpatched Vulnerability : CVE-2025-6020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their...

Medium: pam

Issue Overview: A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. CVE-2025-6020 Affected Packages: pam Note: This advisor...