528 matches found
📄 Oracle 19c / 21c Denial of Service
Oracle Database versions 19c and 21c proof of concept exploitation details for CVE-2023-22077. It illustrates that even though the "Lockdown Profile" security feature was in-place to restrict OS accessibility, an attacker is able to cause a denial of service attack that can impact all customers...
The vulnerability of the PAM-PKCS#11 authentication module in Linux operating systems allows a hacker to bypass the authentication process.
The vulnerability of the PAM-PKCS11 authentication module in Linux operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to bypass the authentication process remotely...
CVE-2025-6018
A Local Privilege Escalation LPE vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules PAM. This flaw allows an unprivileged local attacker for example, a user logged in via SSH to obtain the elevated privileges normally reserved for a physically present,...
CVE-2025-6018
A Local Privilege Escalation LPE vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules PAM. This flaw allows an unprivileged local attacker for example, a user logged in via SSH to obtain the elevated privileges normally reserved for a physically present,...
Logwatch 7.13
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems...
OESA-2025-1831 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in Linux-PAM up to 1.7.0 and classified as critical.Using CWE to declare the problem leads to CWE-22. The product us...
OESA-2025-1830 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in Linux-PAM up to 1.7.0 and classified as critical.Using CWE to declare the problem leads to CWE-22. The product us...
Linux-pam: linux-pam directory traversal
...
SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH
We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...
Important: Red Hat Security Advisory: pam security update
An update for pam is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
RHEL 8 : pam (RHSA-2025:10358)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10358 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...
RHEL 8 : pam (RHSA-2025:10359)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10359 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...
RHEL 8 : pam (RHSA-2025:10361)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10361 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...
OESA-2025-1746 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-pam is a plug-in and unplugged system authentication software for Linux teams. There is a security vulnerability in Linux-pam. This...
OESA-2025-1744 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-pam is a plug-in and unplugged system authentication software for Linux teams. There is a security vulnerability in Linux-pam. This...
OESA-2025-1743 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-pam is a plug-in and unplugged system authentication software for Linux teams. There is a security vulnerability in Linux-pam. This...
Important: Red Hat Security Advisory: pam security update
An update for pam is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Security update for pam
This update for pam fixes the following issues: CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path. And keep the bind-mount protection from protectmount as a defense in depthmeasure. bsc1244509 Patch...
SUSE-SU-2025:02001-1 Security update for pam
This update for pam fixes the following issues: - CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. - pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path bsc1244509...
OESA-2025-1601 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by...