VYPR
Vendor: Linux Pam

Products: 9
CVEs: 35
Across products: 46
Status: Private

Recent CVEs

  • CVE-2024-38492 | Critical | Jul 15, 2024
    risk 0.61 | cvss n/a | epss 0.01

    This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

  • CVE-2024-36456 | Critical | Jul 15, 2024
    risk 0.61 | cvss n/a | epss 0.01

    This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

  • CVE-2025-24505 | High | Jan 30, 2025
    risk 0.57 | cvss n/a | epss 0.00

    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.

  • CVE-2024-38494 | High | Jul 15, 2024
    risk 0.56 | cvss n/a | epss 0.01

    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.

  • CVE-2025-6020 | High | Jun 17, 2025
    risk 0.51 | cvss 7.8 | epss 0.00

    A flaw was found in linux-pam. The module pam_namespace may access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

  • CVE-2024-10963 | High | Nov 7, 2024
    risk 0.48 | cvss 7.4 | epss 0.01

    A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems…

  • CVE-2015-3238 | Medium | Aug 24, 2015
    risk 0.42 | cvss 6.5 | epss 0.03

    The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.

  • CVE-2026-54411 | Medium | Jun 14, 2026
    risk 0.38 | cvss 5.9 | epss 0.00

    Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling…

  • CVE-2024-22365 | Medium | Feb 6, 2024
    risk 0.36 | cvss 5.5 | epss 0.00

    linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

  • CVE-2016-4982 | Medium | Jul 17, 2017
    risk 0.31 | cvss 4.7 | epss 0.00

    authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.

  • CVE-2003-0388 | Jul 24, 2003
    risk 0.03 | cvss n/a | epss 0.01

    pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.

  • CVE-2000-0843 | Nov 14, 2000
    risk 0.01 | cvss n/a | epss 0.07

    Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allows remote attackers to execute arbitrary commands via a login with a long user name.

  • CVE-2022-28321 | Sep 19, 2022
    risk 0.00 | cvss n/a | epss 0.01

    The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with…

  • CVE-2022-25625 | Aug 26, 2022
    risk 0.00 | cvss n/a | epss 0.01

    A malicious unauthorized PAM user can access the administration configuration data and change the values.

  • CVE-2020-36394 | Jun 22, 2021
    risk 0.00 | cvss n/a | epss 0.00

    pam_setquota.c in the pam_setquota module before 2020-05-29 for Linux-PAM allows local attackers to set their quota on an arbitrary filesystem, in certain situations where the attacker's home directory is a FUSE filesystem mounted under /home.

  • CVE-2020-27780 | Dec 17, 2020
    risk 0.00 | cvss n/a | epss 0.02

    A flaw was found in Linux-PAM in versions prior to 1.5.1 in the way it handles empty passwords for non-existing users. When the user doesn't exist, PAM tries to authenticate with root and, in the case of an empty password, it successfully authenticates.

  • CVE-2018-17953 | Nov 27, 2018
    risk 0.00 | cvss n/a | epss 0.01

    An incorrect variable in a SUSE-specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open).

  • CVE-2013-7041 | May 8, 2014
    risk 0.00 | cvss n/a | epss 0.02

    The pam_userdb module for PAM uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.

  • CVE-2014-2583 | Apr 10, 2014
    risk 0.00 | cvss n/a | epss 0.04

    Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2)…

  • CVE-2011-3149 | Jul 22, 2012
    risk 0.00 | cvss n/a | epss 0.01

    The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).