Oracle Linux 9 : gnutls (ELSA-2026-4188)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4188 advisory. - Fix PKCS11 token initialization label overflow CVE-2025-9820 Tenable has extracted the preceding description block directly from the Oracle Linux...
EUVD-2010-3319
Malware in sbrugna...
EUVD-2016-1206
Malware in sbrugna...
EUVD-2002-1429
Malware in sbrugna...
EUVD-2020-21736
Malware in sbrugna...
EUVD-2024-41536
Malicious code in bioql PyPI...
Fedora 41 : gnutls (2025-814d6183dd)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-814d6183dd advisory. This updates gnutls to the latest upstream release. Notable changes are: PKCS11 cryptographic provider support Support for kTLS rekeying with kernel 6.14+...
Fedora 42 : gnutls (2025-16a24364ce)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-16a24364ce advisory. This updates gnutls to the latest upstream release. Notable changes are: PKCS11 cryptographic provider support Support for kTLS rekeying with kernel...
Exploit for Unquoted Search Path or Element in Openbsd Openssh
OpenSSH Vulnerability - CVE-2023-38408 Introduct...
ROS-20250402-06
Vulnerability of pam_sm_authenticate function of PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the authentication procedure and gain unauthorized access to protected...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : PAM-PKCS#11 vulnerabilities (USN-7363-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7363-1 advisory. Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS11 did not properly handle certain...
p11-kit bug fix update
An update is available for p11-kit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The p11-kit packages provide a mechanism to manage PKCS11 modules. The...
Linux Distros Unpatched Vulnerability : CVE-2025-24032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PAM-PKCS11 is a Linux-PAM login module that allows an X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value...
CVE-2025-24032
PAM-PKCS#11 (Linux-PAM) vulnerability CVE-2025-24032 affects pam_pkcs11-0.6.0 and later up to 0.6.12/0.6.13 era, where the default cert_policy of none may bypass private-key signature checks. An attacker could create a token containing the user’s public data (e.g., certificate) and a known PIN an...
CVE-2025-24032 PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)
PAM-PKCS11 is a Linux-PAM login module that allows an X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user...
CVE-2025-24031 PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN
PAM-PKCS11 is a Linux-PAM login module that allows an X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pam_get_pwd will never initialize the password...
ROS-20241211-01
The vulnerability of the OpenSC smart card software toolkit and libraries is related to the fact that in pkcs15init buffers are partially filled with data, and initialized portions of the buffer can be accessed by bypassing the restrictions. Exploitation of the vulnerability could allow an...