Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

56 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2001-1150

Malware in sbrugna...

7.5CVSS6.4AI score0.00471EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2013-4183

Malware in sbrugna...

2.1CVSS6.4AI score0.00057EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2007-2243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to...

5CVSS7.6AI score0.00441EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/22 6:46 a.m.7 views

CVE-2019-19522

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

7.8CVSS6.8AI score0.00198EPSS
Exploits3References1
SUSE CVE
SUSE CVEadded 2023/02/15 6:12 a.m.1 views

SUSE CVE-2007-2243

OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...

5CVSS8.2AI score0.00441EPSS
Exploits1References4
OpenVAS
OpenVASadded 2021/05/27 12:0 a.m.24 views

OpenSSH < 4.7 Improper Authentication Vulnerabilities

OpenSSH is prone to multiple improper authentication vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.6AI score0.00441EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2020/01/06 12:0 a.m.33 views

OpenBSD 6.6 Multiple Authentication Bypass Vulnerabilities

Binary data openbsdauthbypass.nbin...

9.8CVSS8AI score0.02229EPSS
Exploits8References6
ThreatPost
ThreatPostadded 2019/12/05 4:6 p.m.135 views

OpenBSD Hit with Authentication, LPE Bugs

An authentication bypass and three local privilege-escalation LPE bugs have been uncovered in OpenBSD, the Unix-like open-source operating system known for its security protections. The most severe of the vulnerabilities is the bypass CVE-2019-19521, which is remotely exploitable. OpenBSD uses BS...

7.5CVSS1AI score0.02229EPSS
Exploits8References7
NVD
NVDadded 2019/12/05 12:15 a.m.15 views

CVE-2019-19522

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

7.8CVSS7.6AI score0.00198EPSS
Exploits3References6
OSV
OSVadded 2019/12/05 12:15 a.m.2 views

CVE-2019-19522

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

7.8CVSS7.3AI score0.00198EPSS
Exploits3References6
Prion
Prionadded 2019/12/05 12:15 a.m.30 views

Default configuration

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

7.2CVSS7.5AI score0.00198EPSS
Exploits3References6Affected Software1
CNVD
CNVDadded 2019/12/05 12:0 a.m.0 views

OpenBSD has an unspecified vulnerability (CNVD-2019-44737)

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD project team. A security vulnerability exists in OpenBSD version 6.6. When the S/Key or YubiKey authentication mechanism is turned on, a local attacker can exploit the vulnerability to become the root user...

7.8CVSS6.8AI score0.00198EPSS
Exploits3References1
Packet Storm
Packet Stormadded 2019/12/05 12:0 a.m.316 views

Qualys Security Advisory - OpenBSD Authentication Bypass / Privilege Escalation

Qualys Security Advisory Authentication vulnerabilities in OpenBSD ============================================================================== Contents ============================================================================== 1. CVE-2019-19521: Authentication bypass 1.1. Analysis 1.2. Cas...

0.8AI score0.02229EPSS
Exploits8
Cvelist
Cvelistadded 2019/12/04 11:33 p.m.17 views

CVE-2019-19522

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

8.2AI score0.00198EPSS
Exploits3References6
CVE
CVEadded 2019/12/04 11:33 p.m.75 views

CVE-2019-19522

OpenBSD 6.6 is affected when S/Key or YubiKey authentication is enabled (non-default). A local attacker in the auth group can escalate to root because root’s file can be written to /etc/skey or /var/db/yubikey and need not be owned by root. This CVE corresponds to CVE-2019-19522. Reported impact ...

7.8CVSS8AI score0.00198EPSS
Exploits3References6Affected Software1
OpenVAS
OpenVASadded 2015/09/29 12:0 a.m.11 views

Gentoo Security Advisory GLSA 201402-12

Gentoo Linux Local Security Checks GLSA 201402-12 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

2.1CVSS5.1AI score0.00057EPSS
Exploits0References1
NVD
NVDadded 2014/04/28 2:9 p.m.6 views

CVE-2013-4285

A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory...

2.1CVSS5.8AI score0.00057EPSS
Exploits0References1
Prion
Prionadded 2014/04/28 2:9 p.m.6 views

Design/Logic Flaw

A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory...

2.1CVSS6.3AI score0.00057EPSS
Exploits0References1
Cvelist
Cvelistadded 2014/04/28 2:0 p.m.10 views

CVE-2013-4285

A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory...

5.7AI score0.00057EPSS
Exploits0References1
CVE
CVEadded 2014/04/28 2:0 p.m.34 views

CVE-2013-4285

The CVE concerns Gentoo’s patch to the PAM S/Key module that fails to clear credentials from memory. A local attacker with privileged access could inspect memory dumps to obtain cleartext credentials. Affected software is the PAM S/Key module used by Gentoo; the underlying issue is that credentia...

2.1CVSS5.9AI score0.00057EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder