Lucene search
K

38 matches found

EUVD
EUVD
added 2026/05/27 8:18 p.m.9 views

EUVD-2026-32659

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...

7.9CVSS5.8AI score0.00166EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 8:6 p.m.10 views

EUVD-2026-32653

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.9AI score0.00119EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

pam_usb 竞争条件问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contained a race condition vulnerability. This vulnerability stemmed from the use of non-reentrant functions like strtok, which led to race conditions...

6.3CVSS5.9AI score0.00108EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

pam_usb 操作系统命令注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained an operating system command injection vulnerability. This vulnerability stemmed from pamusb-pinentry reading the PINENTRYFALLBACKAPP...

7.8CVSS5.9AI score0.00151EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/04/13 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-8145-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.0024EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004358 advisory. A potential vulnerability in the AMD extension to Linux hwmon service may allow an attacker to use the Linux-based Running Average Power Limit RAPL interface to show...

5.5CVSS6.3AI score0.00462EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of- bounds in switchtecntbmwsettrans There is a kernel API...

7.1CVSS6.3AI score0.0018EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory...

5.5CVSS6.1AI score0.00156EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.8 views

Vulnerability of the w83792d_detect_subclients() function in the drivers/hwmon/w83792d.c module – This driver is used for monitoring hardware in Linux operating systems. It allows a hacker to cause system failures.

Vulnerability of the w83792ddetectsubclients function in the drivers/hwmon/w83792d.c module – The driver for monitoring hardware in Linux operating systems is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an attacker to cause a system failure...

5.5CVSS6.4AI score0.00241EPSS
Exploits0References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.6 views

Vulnerability of the w83793_detect_subclients() function in the drivers/hwmon/w83793.c module – This driver for monitoring hardware in Linux operating systems allows a hacker to cause service failure.

Vulnerability of the w83793detectsubclients function in the drivers/hwmon/w83793.c module – The driver for monitoring hardware in Linux operating systems contains errors in its code. Exploiting this vulnerability could allow a remote attacker to cause service failures...

5.3CVSS6.8AI score0.01028EPSS
Exploits0References13Affected Software2
Ubuntu
Ubuntu
added 2025/03/13 9:40 a.m.23 views

USN-7332-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - Media drivers; - Network drivers;...

8.1CVSS7.4AI score0.03301EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/06/18 11:24 p.m.200 views

USN-6818-4: Linux kernel (HWE) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/04/26 1:39 p.m.164 views

USN-6043-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7AI score0.0788EPSS
Exploits15
Prion
Prion
added 2022/12/23 12:15 a.m.14 views

Code injection

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5CVSS5.2AI score0.40162EPSS
Exploits4References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/22 11:17 p.m.5 views

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS5.6AI score0.40162EPSS
Exploits4References3
Cvelist
Cvelist
added 2022/12/22 11:17 p.m.39 views

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS5.5AI score0.40162EPSS
Exploits4References3
Ubuntu
Ubuntu
added 2022/07/01 5:53 p.m.78 views

USN-5493-2: Linux kernel (HWE) vulnerability

It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash...

5.5CVSS6.6AI score0.00395EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/29 12:0 a.m.71 views

Ubuntu: Security Advisory (USN-4255-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.01447EPSS
Exploits0References2
OSV
OSV
added 2018/12/04 4:49 a.m.8 views

USN-3836-2 linux-hwe, linux-gcp vulnerabilities

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...

7CVSS6.6AI score0.07611EPSS
Exploits25References3
Ubuntu
Ubuntu
added 2018/05/22 3:44 a.m.75 views

USN-3655-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3655-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn and Ken Johnson discovered that microprocessors...

8.8CVSS7.8AI score0.60631EPSS
Exploits2References1
Rows per page
Query Builder