Lucene search
+L

471 matches found

osv
osv
added 2026/07/09 12:49 p.m.1 views

OESA-2026-2903 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:49 p.m.2 views

OESA-2026-2902 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:49 p.m.2 views

OESA-2026-2901 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:49 p.m.3 views

OESA-2026-2900 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References2
nessus
nessus
added 2026/06/16 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-54411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/14 5:21 p.m.33 views

CVE-2026-54411

Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...

8.2CVSS0.00321EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 5:21 p.m.11 views

CVE-2026-54411

Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...

8.2CVSS5.3AI score0.00321EPSS
Exploits0References4
debiancve
debiancve
added 2026/06/14 5:21 p.m.9 views

CVE-2026-54411

Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...

8.2CVSS5.3AI score0.00321EPSS
Exploits0
euvd
euvd
added 2026/06/14 5:21 p.m.14 views

EUVD-2026-36662

Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...

8.2CVSS5.4AI score0.00321EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.18 views

PT-2026-49134

Name of the Vulnerable Software and Affected Versions Linux-PAM versions prior to 1.7.3 Description A timing discrepancy exists in the pam userdb module's plaintext-password comparison path within modules/pam userdb/pam userdb.c. A local or network-adjacent attacker can recover the plaintext...

8.2CVSS5.3AI score0.00321EPSS
Exploits0References21
euvd
euvd
added 2026/05/27 8:10 p.m.14 views

EUVD-2026-32655

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb is a PAM module loaded into the host process sudo, login, GDM, GNOME Shell. Display managers such as GDM run multiple concurrent authentication threads. Three functions used by the denyremote...

6.3CVSS5.9AI score0.00108EPSS
Exploits0References3
osv
osv
added 2026/03/22 1:0 p.m.2 views

ROOT-OS-ALPINE-318-CVE-2024-22365 CVE-2024-22365 in rootio-linux-pam - Patched by Root

Root has patched CVE-2024-22365 in the rootio-linux-pam package for Root:Alpine:3.18. Multiple fixed versions available...

5.5CVSS6.8AI score0.00459EPSS
Exploits1
nessus
nessus
added 2026/03/17 12:0 a.m.5 views

EulerOS Virtualization 2.12.0 : pam (EulerOS-SA-2026-1508)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local...

7.8CVSS5.8AI score0.00399EPSS
Exploits0References2
openvas
openvas
added 2026/03/16 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1508)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.8AI score0.00399EPSS
Exploits0References2
openvas
openvas
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1451)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.8AI score0.00399EPSS
Exploits0References2
rosalinux
rosalinux
added 2026/02/16 7:27 a.m.7 views

Advisory ROSA-SA-2026-3159

Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

7.8CVSS7.4AI score0.00399EPSS
Exploits0
openvas
openvas
added 2026/02/02 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1137)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.00399EPSS
Exploits0References2
nessus
nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.1 : pam (EulerOS-SA-2026-1137)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local...

7.8CVSS5.9AI score0.00399EPSS
Exploits0References3
ibm
ibm
added 2026/01/14 9:36 a.m.8 views

Security Bulletin:Vulnerability in pam affects IBM Netezza Appliance

Summary The pam package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-8941 Vulnerability Details CVEID:CVE-2025-8941 DESCRIPTION: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local...

7.8CVSS5.7AI score0.00264EPSS
Exploits0Affected Software1
rocky
rocky
added 2026/01/14 9:14 a.m.10 views

pam security update

An update is available for pam. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Pluggable Authentication Modules PAM provide a system to set up authentication...

7.8CVSS6.8AI score0.00399EPSS
Exploits0
Rows per page
Query Builder