CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

45 matches found

CVE-2026-44709

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRYFALLBACKAPP environment variable and executes it directly without any validation. Any process that can set environment variables before pamusb-pinentry is invoked ca...

7.8CVSS6AI score0.00023EPSS

Exploits0References1

Cvelist•added 2026/05/27 8:20 p.m.•36 views

CVE-2026-44709 pam_usb: PINENTRY_FALLBACK_APP environment variable allows arbitrary command execution

7.8CVSS0.00023EPSS

Exploits0References1

EUVD•added 2026/05/27 8:20 p.m.•4 views

EUVD-2026-32661

7.8CVSS6AI score0.00023EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 8:20 p.m.•7 views

CVE-2026-44709

7.8CVSS6AI score0.00023EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-44109

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description pam usb provides hardware authentication for Linux using removable media. The pamusb-pinentry component reads the PINENTRY FALLBACK APP environment variable and executes it without validation. A...

7.8CVSS6AI score0.00023EPSS

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•4 views

pam_usb 操作系统命令注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained an operating system command injection vulnerability. This vulnerability stemmed from pamusb-pinentry reading the PINENTRYFALLBACKAPP...

7.8CVSS5.9AI score0.00023EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-0079

Malware in sbrugna...

6.6CVSS6.1AI score0.00053EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-2025

Malware in sbrugna...

10CVSS6.4AI score0.00471EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-21036

Malware in sbrugna...

9.8CVSS9.3AI score0.00197EPSS

Exploits1References2

Tenable Nessus•added 2025/08/30 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2020-28638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - askpassword in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non- empty, causing affected users' files to be encrypted wit...

9.8CVSS8.2AI score0.00197EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 3:28 p.m.•5 views

CVE-2020-28638

askpassword in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb W Detected DISPLAY, but only pinentry-curses is found." as the encryption key...

9.8CVSS6.7AI score0.00197EPSS

Exploits1

SUSE CVE•added 2023/02/15 6:18 a.m.•1 views

SUSE CVE-2005-2023

The sendpinentryenvironment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail...

10CVSS7AI score0.00471EPSS

Exploits0References3

Rockylinux•added 2022/05/17 7:24 a.m.•17 views

new packages: pinentry

An update is available for pinentry. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

2.1AI score

Exploits0