Lucene search
K

93 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

Siemens RuggedCom Rox Path Traversal (CVE-2025-6020)

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. This plugin only works with Tenable.ot. Please visit...

7.8CVSS7AI score0.0039EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1508)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.8AI score0.0039EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.7 views

NewStart CGSL MAIN 6.06 (SP) : pam Multiple Vulnerabilities (NS-SA-2026-0005)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has pam packages installed that are affected by multiple vulnerabilities: - pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the...

7.2CVSS6.1AI score0.04087EPSS
Exploits2References15
Rosalinux
Rosalinux
added 2026/02/16 12:24 p.m.8 views

Advisory ROSA-SA-2026-3197

Software: pam 1.3.1 OS: ROSA Virtualization 2.1 unaffected versions = pam-1.3.1-39.rv3 affected versions pam-1.3.1-39.rv3 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...

7.8CVSS7AI score0.0039EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/02/16 10:56 a.m.8 views

Advisory ROSA-SA-2026-3179

Software: pam 1.3.1 OS: ROSA Virtualization 3.0 unaffected versions = pam-1.3.1-39.0.2.rv30 affected versions pam-1.3.1-39.0.2.rv30 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

7.8CVSS7AI score0.0039EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/02/16 7:27 a.m.5 views

Advisory ROSA-SA-2026-3159

Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

7.8CVSS7.4AI score0.0039EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.3 views

EulerOS Virtualization 2.10.1 : pam (EulerOS-SA-2026-1137)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local...

7.8CVSS5.9AI score0.0039EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : pam-1.1.8-23.0.1.0.2.el7.AXS7 (AXSA:2025-10893:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10893:07 advisory. CVE-2025-6020: fix potential privilege escalation in pamnamspace CVEs: CVE-2025-6020 A flaw was found in linux-pam. The module pamnamespace may use access...

7.8CVSS5.5AI score0.0039EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/14 9:36 a.m.6 views

Security Bulletin:Vulnerability in pam affects IBM Netezza Appliance

Summary The pam package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-8941 Vulnerability Details CVEID:CVE-2025-8941 DESCRIPTION: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local...

7.8CVSS5.7AI score0.00254EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/12/19 12:0 a.m.1 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2025-2591)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.0039EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.5 views

EulerOS Virtualization 2.13.1 : pam (EulerOS-SA-2025-2556)

According to the versions of the pam packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit...

7.8CVSS7.6AI score0.0039EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.15 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.1.1.1)

The version of AOS installed on the remote host is prior to 7.1.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.1.1.1 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

9.8CVSS7AI score0.66933EPSS
Exploits9References14
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.2 views

Oracle Linux 10 : ELSA-2025-20181-0: / pam (ELSA-2025-201810)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201810 advisory. 1.6.1-8 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-101174 Tenable has extracted the preceding description block...

7.8CVSS7.7AI score0.0039EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2025/12/02 1:16 p.m.6 views

Advisory ROSA-SA-2025-3089

Software: pam 1.1.8 OS: rosa-server79 unaffected versions = pam-1.1.8-23.0.3.res7 affected versions pam-1.1.8-23.0.3.res7 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...

7.8CVSS8.9AI score0.0039EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/11/21 12:0 a.m.1 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2025-2442)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.00254EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/21 12:0 a.m.1 views

EulerOS 2.0 SP13 : pam (EulerOS-SA-2025-2452)

According to the versions of the pam packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks a...

7.8CVSS7.5AI score0.0039EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/11/11 8:27 a.m.4 views

linux-pam: Linux-pam directory Traversal

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

7.8CVSS7.3AI score0.0039EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.6 views

Amazon Linux 2023 : pam, pam-devel (ALAS2023-2025-1257)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1257 advisory. A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to...

7.8CVSS7.4AI score0.0039EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.8 views

Amazon Linux 2 : pam, --advisory ALAS2-2025-3057 (ALAS-2025-3057)

The version of pam installed on the remote host is prior to 1.1.8-23. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3057 advisory. A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit...

7.8CVSS7.5AI score0.0039EPSS
Exploits0References4
Amazon
Amazon
added 2025/11/10 12:0 a.m.3 views

Medium: pam

Issue Overview: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. CVE-2025-8941 Affected...

7.8CVSS6.3AI score0.0039EPSS
Exploits0
Rows per page
Query Builder