28 matches found
EUVD-2025-3739
Malicious code in bioql PyPI...
EUVD-2024-37712
Malicious code in bioql PyPI...
EUVD-2024-36339
Malicious code in bioql PyPI...
EUVD-2025-3737
Malicious code in bioql PyPI...
EUVD-2024-37370
Malicious code in bioql PyPI...
Devolutions Server <= 2024.3.15.0 / 2025.1.3.0 <= 2025.1.7.0 Improper Privilege Assignment (DEVO-2025-0008)
The version of Devolutions Server installed on the remote host is prior or equal to 2024.3.15.0 or 2025.1.3.0 through 2025.1.7.0 and is, therefore, affected by an improper privilege assignment vulnerability: - Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a...
CVE-2024-38496
The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships...
CVE-2022-25625
A malicious unauthorized PAM user can access the administration configuration data and change the values...
CVE-2025-24503
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server...
CVE-2025-24506
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types...
CVE-2025-24505
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file...
CVE-2025-24506
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types...
CVE-2025-24503
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server...
CVE-2025-24506
Broadcom Symantec Privileged Access Management (PAM) is cited as affected by CVE-2025-24506. The connected PT-2025-5378 entry states: a specific authentication strategy allows learning the IDs of PAM users associated with certain authentication types, but it does not specify affected versions and...
CVE-2025-24506
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types...
CVE-2025-24505
Technical details about CVE-2025-24505, including affected products, versions, root cause, and fixes, are not publicly available in the provided connected documents. Monitor for updates.
CVE-2025-24505
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file...
CVE-2025-24505
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file...
CVE-2025-24503
Symantec Privileged Access Management (PAM) is affected by CVE-2025-24503. The PT-2025-5375 entry provides concrete details: versions prior to 4.2.1 are vulnerable to a cross-site request forgery-style issue where a malicious actor can fix (hijack) a PAM session by tricking a user into clicking...
CVE-2025-24503
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server...