Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pam pam vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2004-0083
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 up to and including 4.3.0 allows local users and remote malicious users to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
1000
VMScore
CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CV...
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.0
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
1000
VMScore
CVE-2002-0640
Buffer overflow in sshd in OpenSSH 2.3.1 up to and including 3.3 may allow remote malicious users to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuth...
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 1.2.2
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.3
Openbsd Openssh 3.3p1
Openbsd Openssh 1.2.3
Openbsd Openssh 2.1
2 EDB exploits
891
VMScore
CVE-2019-5021
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of t...
Gliderlabs Docker-alpine
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Big-ip Controller 1.2.1
3 Github repositories
890
VMScore
CVE-2020-27780
A flaw was found in Linux-Pam in versions before 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.
Linux-pam Linux-pam
890
VMScore
CVE-2016-4422
The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent malicious users to bypass authentication or gain privileges via a system user account.
Libpam-sshauth Project Libpam-sshauth -
Debian Debian Linux 8.0
890
VMScore
CVE-2016-0693
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module.
Oracle Solaris 11.3
Oracle Solaris 10
890
VMScore
CVE-2008-1668
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote malicious users to gain priv...
Hp Hp-ux 11.11
890
VMScore
CVE-2008-0003
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote malicious users to execute arbitrary code via unknow...
Openpegasus Management Server 2.6.1
890
VMScore
CVE-2006-3742
The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows malicious users to login without a password by attempting to log in multiple times.
Kde Kdebase 3.5.4 0.4.fc5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »