EUVD-2026-32659

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...

EUVD-2026-32653

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

pam_usb 操作系统命令注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained an operating system command injection vulnerability. This vulnerability stemmed from pamusb-pinentry reading the PINENTRYFALLBACKAPP...

pam_usb 竞争条件问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contained a race condition vulnerability. This vulnerability stemmed from the use of non-reentrant functions like strtok, which led to race conditions...

Ubuntu: Security Advisory (USN-8145-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004358 advisory. A potential vulnerability in the AMD extension to Linux hwmon service may allow an attacker to use the Linux-based Running Average Power Limit RAPL interface to show...

Linux Distros Unpatched Vulnerability : CVE-2023-53034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of- bounds in switchtecntbmwsettrans There is a kernel API...

Linux Distros Unpatched Vulnerability : CVE-2025-38142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory...

USN-7332-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - Media drivers; - Network drivers;...

USN-6818-4: Linux kernel (HWE) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

USN-6043-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

Code injection

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

USN-5493-2: Linux kernel (HWE) vulnerability

It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash...

Ubuntu: Security Advisory (USN-4255-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3836-2 linux-hwe, linux-gcp vulnerabilities

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...

USN-3655-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3655-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn and Ken Johnson discovered that microprocessors...

USN-3597-2 linux-hwe vulnerabilities

USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. USNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown CVE-2017-5715,...

USN-3581-2 linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities

USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contain...