EUVD-2026-32655

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb is a PAM module loaded into the host process sudo, login, GDM, GNOME Shell. Display managers such as GDM run multiple concurrent authentication threads. Three functions used by the denyremote...

ROOT-OS-ALPINE-318-CVE-2024-22365 CVE-2024-22365 in rootio-linux-pam - Patched by Root

Root has patched CVE-2024-22365 in the rootio-linux-pam package for Root:Alpine:3.18. Multiple fixed versions available...

EulerOS Virtualization 2.12.0 : pam (EulerOS-SA-2026-1508)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1451)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1508)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2026-3159

Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1137)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : pam (EulerOS-SA-2026-1137)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local...

Security Bulletin:Vulnerability in pam affects IBM Netezza Appliance

Summary The pam package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-8941 Vulnerability Details CVEID:CVE-2025-8941 DESCRIPTION: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local...

pam security update

An update is available for pam. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Pluggable Authentication Modules PAM provide a system to set up authentication...

RLSA-2025:20181 Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

RockyLinux 10 : pam (RLSA-2025:20181)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20181 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Not...

MiracleLinux 8 : pam-1.3.1-37.el8_10 (AXSA:2025-10421:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10421:03 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 9 : pam-1.5.1-25.el9_6 (AXSA:2025-10566:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10566:04 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

CVE-1999-0342

Linux PAM modules allow local users to gain root access using temporary files...

Security Bulletin: Vulnerability in linux-pam affects IBM Netezza Appliance

Summary The linux-pam package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-8941 Vulnerability Details CVEID:CVE-2025-8941 DESCRIPTION: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.1.1.1)

The version of AOS installed on the remote host is prior to 7.1.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.1.1.1 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

Advisory ROSA-SA-2025-3089

Software: pam 1.1.8 OS: rosa-server79 unaffected versions = pam-1.1.8-23.0.3.res7 affected versions pam-1.1.8-23.0.3.res7 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1.11)

The version of AOS installed on the remote host is prior to 6.10.1.11. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1.11 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

AlmaLinux 10 : pam (ALSA-2025:20181)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20181 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...