3 matches found
CVE-2025-24032
PAM-PKCS#11 (Linux-PAM) vulnerability CVE-2025-24032 affects pam_pkcs11-0.6.0 and later up to 0.6.12/0.6.13 era, where the default cert_policy of none may bypass private-key signature checks. An attacker could create a token containing the user’s public data (e.g., certificate) and a known PIN an...
SUSE-SU-2023:2940-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2023-38408: Fixed a condition where specific libaries loaded via ssh-agent1's PKCS11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim's system and if the...
Weak nCipher PKCS#11 encryption
Library error may lead to uncrypted key in certificate...