[SECURITY] Fedora 41 Update: pam-1.6.1-7.fc41
PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...
Important: Red Hat Security Advisory: pam:1.5.1 security update
An update for the pam:1.5.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: pam security update
An update for pam is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
Important: pam:1.5.1 security update
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass (CVE-2024-10963). For more details about the...
pam: libpam: Libpam vulnerable to read hashed password
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
PT-2025-5896
Name of the Vulnerable Software and Affected Versions: pam_pkcs11 (affected versions not specified). Description: The issue is related to errors in the authentication process of the PAM-PKCS11 module in Linux operating systems, specifically concerning the pam_sm_authenticate function. This could...
Vulnerability of the Server component: The Pluggable Auth feature of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the Oracle MySQL Server component, related to the Pluggable Auth feature of the Oracle Database Management System, involves improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...
AZL-51729 CVE-2024-10041 affecting package pam for versions less than 1.5.3-4
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
DEBIAN-CVE-2024-10041
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
UBUNTU-CVE-2024-10041
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
CVE-2024-21165
...
[SECURITY] Fedora 39 Update: rust-brotli-7.0.0-2.fc39
A brotli compressor and decompressor with an interface avoiding the Rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and...
[SECURITY] Fedora 41 Update: rust-brotli-7.0.0-2.fc41
A brotli compressor and decompressor with an interface avoiding the Rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and...
OATH Toolkit Security Vulnerability
OATH Toolkit is an open source toolkit from deepin. A security vulnerability exists in OATH Toolkit versions 2.6.7 through 2.6.11, which stems from a PAM module that allows a malicious user to compromise the environment when placing an OTP status file in a user's home directory...
GHSA-34QG-65M4-F23M Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>
Summary: In Froxlor 2.1.9 and in the HEADs of the main, v2.2 and v2.1 branches, the XML templates in lib/configfiles/ set chmod 644 for /etc/pure-ftpd/db/mysql.conf, although that file contains <SQL_UNPRIVILEGED_PASSWORD>. At least on Debian 12, all parent directories of /etc/pure-ftpd/db/mysql.conf are world readable by...
SUSE CVE-1999-0342
Linux PAM modules allow local users to gain root access using temporary files...
AZL-48322 CVE-2024-21165 affecting package mysql for versions less than 8.0.40-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 8.0.37 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
AZL-48315 CVE-2024-21165 affecting package mysql for versions less than 8.0.40-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 8.0.37 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
UBUNTU-CVE-2024-21165
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 8.0.37 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
PT-2024-27009 · Pam · Pam
Name of the Vulnerable Software and Affected Versions: PAM system (affected versions not specified). Description: An improper input validation in the PAM system allows an unauthenticated attacker to achieve remote command execution by sending a specially crafted HTTP request. Recommendations: At the...