PT-2025-6067 · Unknown +2 · Pam Pkcs11 +2

Name of the Vulnerable Software and Affected Versions: PAM-PKCS11 versions 0.6.12 and prior Description: The issue affects a Linux-PAM login module that allows X.509 certificate-based user login. When a user presses ctrl-c/ctrl-d while being asked for a PIN, the pam pkcs11 module segfaults...

PT-2024-9530 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions 10.2.0 through 10.2.1 Drupal Core versions 10.1.0 through 10.1.7 Description: A vulnerability in Drupal Core allows Excessive Allocation, which can be exploited to trigger a denial of service DOS. The issue affects certai...

[oss-security] CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets

CVE-2014-4943 is a flaw in the Linux kernel allowing an unprivileged user to escalate to kernel privilege when CONFIGPPPOL2TP is enabled. If built as a module, a work-around to limit this to just the root user would be to add this to /etc/modprobe.conf: alias pppox-proto-1 off blacklist l2tpppp...