CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.2CVSS6.4AI score0.04296EPSS

EUVD-2005-0163

Malware in sbrugna...

Exploits0References10

7.5CVSS6.4AI score0.00472EPSS

EUVD-2005-1061

Malware in sbrugna...

4CVSS6.4AI score0.00275EPSS

EUVD-2015-0773

Malware in sbrugna...

7.7CVSS7.6AI score0.00623EPSS

EUVD-2017-15664

Malware in sbrugna...

SUSE CVE•added 2023/02/15 6:21 a.m.•2 views

SUSE CVE-2002-1160

The default configuration of the pamxauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su...

7.2CVSS6.8AI score0.00086EPSS

SUSE CVE•added 2023/02/15 5:57 a.m.•0 views

SUSE CVE-2010-3302

Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long 1 ciscodnsinfo or 2 ciscodomaininfo data in a packet...

6.5CVSS7.8AI score0.06107EPSS

SUSE CVE•added 2023/02/15 5:57 a.m.•1 views

SUSE CVE-2010-3316

The runcoprocess function in pamxauth.c in the pamxauth module in Linux-PAM aka pam before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pamxauth PAM check...

3.3CVSS6.4AI score0.00072EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 5:55 a.m.•2 views

SUSE CVE-2010-4707

The checkacl function in pamxauth.c in the pamxauth module in Linux-PAM aka pam 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service resource consumption via a special file...

4.9CVSS6.2AI score0.00095EPSS

SUSE CVE•added 2023/02/15 5:55 a.m.•2 views

SUSE CVE-2010-4706

The pamsmclosesession function in pamxauth.c in the pamxauth module in Linux-PAM aka pam 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pamxauth PAM check...

4.9CVSS6.2AI score0.00049EPSS

SUSE CVE•added 2023/02/15 5:54 a.m.•3 views

SUSE CVE-2011-0703

In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session...

9.8CVSS9.5AI score0.00432EPSS

SUSE CVE•added 2023/02/15 5:35 a.m.•2 views

SUSE CVE-2013-5018

The isasn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1length function, which allows remote attackers to cause a denial of service segmentation fault via a 1 XAuth username, 2 EAP identity, or 3 PEM encoded file that starts with a 0x04, 0x30,...

4.3CVSS6.9AI score0.02902EPSS

Exploits1References6

Rockylinux•added 2022/05/17 7:42 a.m.•10 views

new packages: xorg-x11-xauth

An update is available for xorg-x11-xauth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score

Exploits0

OpenVAS•added 2021/06/09 12:0 a.m.•33 views

SUSE: Security Advisory (SUSE-SU-2016:2555-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.90046EPSS

Exploits30References16

UbuntuCve•added 2020/11/27 6:15 p.m.•18 views

CVE-2020-27746

Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem...

4.3CVSS6.8AI score0.00408EPSS