CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

7.8CVSS9.9AI score0.00072EPSS

Exploits0

Fedora•added 2025/06/21 1:28 a.m.•4 views

[SECURITY] Fedora 42 Update: pam-1.7.0-6.fc42

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

7.8CVSS7.5AI score0.00072EPSS

Exploits0

RedhatCVE•added 2025/05/23 9:0 a.m.•4 views

CVE-2024-38492

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file...

9.4CVSS7.6AI score0.01567EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:0 a.m.•3 views

CVE-2024-36455

An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request...

9.4CVSS7.7AI score0.0113EPSS

Exploits0References1

NVD•added 2024/07/15 2:15 p.m.•13 views

CVE-2024-38494

This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request...

8.6CVSS0.00558EPSS

Exploits0References1

NVD•added 2024/07/15 2:15 p.m.•10 views

CVE-2024-38492

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file...

9.4CVSS0.01567EPSS

Exploits0References1

NVD•added 2024/07/15 2:15 p.m.•18 views

CVE-2024-36456

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file...

9.4CVSS0.01313EPSS

Exploits0References1

NVD•added 2024/07/15 2:15 p.m.•14 views

CVE-2024-36455

An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request...

9.4CVSS0.0113EPSS

Exploits0References1

CVE•added 2024/07/15 2:3 p.m.•39 views

CVE-2024-38494

Broadcom Symantec Privileged Access Management (PAM) contains a vulnerability that, when exploited by a high-privileged authenticated PAM user, enables remote command execution on the affected PAM system via a specially crafted HTTP request. Affected component appears to be the PAM software itsel...

8.6CVSS6.6AI score0.00558EPSS

Exploits0References1

CVE•added 2024/07/15 1:54 p.m.•37 views

CVE-2024-38492

CVE-2024-38492 affects Broadcom Symantec Privileged Access Management (PAM). The issue is a file-upload vulnerability where unauthenticated attackers can upload a crafted PAM upgrade file to achieve remote command execution on the PAM system. Root cause cited across sources is the lack of effecti...

9.4CVSS6.9AI score0.01567EPSS

Exploits0References1

CVE•added 2024/07/15 1:31 p.m.•40 views

CVE-2024-36456

CVE-2024-36456 affects Broadcom Symantec Privileged Access Management (PAM). A code injection vulnerability allows an unauthenticated attacker to achieve remote command execution on the PAM system by uploading a specially crafted PAM upgrade file. Impact is high (remote code execution, confidenti...

9.4CVSS6.9AI score0.01313EPSS

Exploits0References1

Positive Technologies•added 2024/07/15 12:0 a.m.•1 views

PT-2024-28032 · Pam · Pam

Name of the Vulnerable Software and Affected Versions: PAM system affected versions not specified Description: The issue allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file. Recommendations: At the...

9.4CVSS7.3AI score0.01567EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by