CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

152 matches found

CVE-2026-48980

pamusb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv environment variables XRDPSESSION, DISPLAY and TMUX allow environment variable injection into local-check logic. These environment variables influence whether a current session is local or...

6.3CVSS0.00018EPSS

Exploits0References2

NVD•added 5 days ago•9 views

CVE-2026-48985

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, pusbisloginctllocal can cause a NULL dereference crash when parsing loginctl output. The function calls popen and reads the result; if the Remote field is only a newline, fgets succeeds...

5.5CVSS0.00014EPSS

Exploits0References2

The Hacker News•added 2026/06/08 7:39 a.m.•21 views

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and...

5.6AI score

Exploits0

RedhatCVE•added 2026/06/05 7:12 p.m.•7 views

CVE-2026-44711

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...

7.9CVSS5.5AI score0.00166EPSS

Exploits0References1

EUVD•added 2026/05/27 8:6 p.m.•8 views

EUVD-2026-32653

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.9AI score0.00119EPSS

Exploits0References1

EUVD•added 2026/05/27 8:3 p.m.•10 views

EUVD-2026-32652

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb builds XPath expressions from user-supplied identifiers PAM username, service name and device-supplied identifiers USB device serial, model, vendor to query /etc/pamusb.conf. These identifiers...

6.5CVSS5.9AI score0.00273EPSS

Exploits0References3

Positive Technologies•added 2026/05/27 12:0 a.m.•8 views

PT-2026-44109

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description pam usb provides hardware authentication for Linux using removable media. The pamusb-pinentry component reads the PINENTRY FALLBACK APP environment variable and executes it without validation. A...

7.8CVSS6AI score0.00151EPSS

Exploits0References3

Positive Technologies•added 2026/05/27 12:0 a.m.•8 views

PT-2026-44090

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

5.7CVSS5.8AI score0.00116EPSS

Exploits0References4

ICS•added 2026/03/10 7:0 a.m.•3 views

Schneider Electric EcoStruxure Data Center Expert

GENERAL SECURITY RECOMMENDATIONS Schneider Electric strongly recommends the following industry cybersecurity best practices: Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized...

7.5CVSS6.5AI score0.00679EPSS

Exploits0References11

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000721 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...

4.7CVSS6.2AI score0.00382EPSS

Exploits0References9

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002379 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...

4.7CVSS6.2AI score0.00382EPSS

Exploits0References9

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001973 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...

4.7CVSS6.2AI score0.00382EPSS

Exploits0References9

ICS•added 2026/01/13 8:0 a.m.•3 views

Schneider Electric EcoStruxure Power Build Rapsody (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.9AI score

Exploits0References11

RedhatCVE•added 2026/01/07 9:41 a.m.•3 views

CVE-1999-0594

A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive...

10CVSS6.9AI score0.01907EPSS

Exploits0References1

ICS•added 2025/11/11 8:0 a.m.•1 views

Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio

8.4CVSS6.2AI score0.00086EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•8 views