CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

431 matches found

OSV•added 2025/11/12 10:27 a.m.•3 views

RHSA-2025:20181 Red Hat Security Advisory: pam security update

Bulletin has no description...

7.8CVSS7.9AI score0.0039EPSS

Exploits0References9

Snyk•added 2025/11/11 4:43 p.m.•1 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the AuthN implementation. An attacker can gain unauthorized access to sensitive information, escalate privileges, and tamper with data by leveraging hard-coded credentials. Remediation Upgrade...

8.8CVSS7AI score0.00313EPSS

Exploits0References2

Snyk•added 2025/11/11 4:43 p.m.•3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the AuthN implementation. An attacker can access sensitive information by sending unauthorized requests. Remediation Upgrade github.com/NVIDIA/aistore/api/authn to version 1.3.31 or higher. References - GitHub...

6.9CVSS6.5AI score0.00748EPSS

Exploits0References2

AstraLinux•added 2025/11/01 10:54 a.m.•4 views

Astra Linux - уязвимость в pam

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...

4.7CVSS5.6AI score0.00265EPSS

Exploits0References3

CNNVD•added 2025/10/27 12:0 a.m.•4 views

OpenVPN Access Server 安全漏洞

OpenVPN Access Server is a web-based VPN management interface from OpenVPN, Inc. A security vulnerability exists in OpenVPN Access Server versions 2.14.0 through 2.14.3, which stems from the RelayState parameter in the SAML Authentication module not being filtered correctly, which could lead to...

6.4CVSS5.9AI score0.00185EPSS

Exploits0References1

Redos•added 2025/10/22 12:0 a.m.•3 views

ROS-20251022-01

Authentication and authorization module for Apache 2.x HTTP server Modauthopenidc vulnerability is related to an information disclosure. Exploitation of the vulnerability allows an attacker acting remotely to disclose protected information...

8.2CVSS7.4AI score0.0051EPSS

Exploits0

Redos•added 2025/10/14 12:0 a.m.•5 views

ROS-20251014-02

A vulnerability in the pamsmauthenticate function of the Yubico pam-u2f PAM module is related to the return of an invalid status code state. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.3CVSS7.1AI score0.00397EPSS

Exploits0