Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2011-4068

Malware in sbrugna...

9.8CVSS8.9AI score0.02019EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-20869

Malware in sbrugna...

8.2CVSS8.1AI score0.01466EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-9275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, whic...

8.2CVSS6.3AI score0.01466EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.7 views

Vulnerability of the pam_sm_authenticate() function in the Yubico PAM module, pam-u2f, which allows a intruder to elevate their privileges

The vulnerability of the pamsmauthenticate function in the Yubico PAM module, specifically in pam-u2f, is related to the return of an incorrect status code. Exploiting this vulnerability could allow attackers to increase their privileges...

7.8CVSS8AI score0.00397EPSS
Exploits0References3Affected Software2
SUSE CVE
SUSE CVE
added 2025/01/16 3:48 a.m.4 views

SUSE CVE-2025-23013

In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module PAM that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has an issue...

7.8CVSS7AI score0.00397EPSS
Exploits0References9
NVD
NVD
added 2019/11/26 5:15 a.m.29 views

CVE-2011-4120

Yubico PAM Module before 2.10 performed user authentication when 'usefirstpass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the...

9.8CVSS9.5AI score0.02019EPSS
Exploits0References4
OSV
OSV
added 2019/11/26 5:15 a.m.6 views

CVE-2011-4120

Yubico PAM Module before 2.10 performed user authentication when 'usefirstpass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the...

9.8CVSS7AI score0.02019EPSS
Exploits0References8
Prion
Prion
added 2019/11/26 5:15 a.m.10 views

Design/Logic Flaw

Yubico PAM Module before 2.10 performed user authentication when 'usefirstpass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the...

7.5CVSS7.2AI score0.02019EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2019/11/26 4:17 a.m.20 views

CVE-2011-4120

Yubico PAM Module before 2.10 performed user authentication when 'usefirstpass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the...

9.8CVSS3.6AI score0.02019EPSS
Exploits0
OSV
OSV
added 2019/06/04 9:29 p.m.1 views

DEBIAN-CVE-2019-12209

Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM...

7.5CVSS6.3AI score0.02885EPSS
Exploits1References1
NVD
NVD
added 2018/04/04 6:29 p.m.16 views

CVE-2018-9275

In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...

8.2CVSS7.8AI score0.01466EPSS
Exploits0References3
OSV
OSV
added 2018/04/04 6:29 p.m.0 views

DEBIAN-CVE-2018-9275

In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...

8.2CVSS7.7AI score0.01466EPSS
Exploits0References1
Prion
Prion
added 2018/04/04 6:29 p.m.8 views

Information disclosure

In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...

6.4CVSS7.6AI score0.01466EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2018/04/04 6:29 p.m.21 views

CVE-2018-9275

In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...

8.2CVSS6.8AI score0.01466EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2018/04/04 6:0 p.m.15 views

CVE-2018-9275

In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...

8.2CVSS2.6AI score0.01466EPSS
Exploits0
Rows per page
Query Builder