Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how linux-pam compares to other vendors in security performance

View Risk Score →

CVE-2025-6019: LPE from allow_active to root in libblockdev via udisks

First published (updated )
https://seclists.org/oss-sec/2025/q2/263

pam: pam_namespace local privilege escalation (CVE-2025-6020)

First published (updated )
https://seclists.org/oss-sec/2025/q2/258

Linux-PAM pam_namespaceRace Condition

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2372512

IBM Cognos AnalyticsLinux-pam: linux-pam directory traversal

Risk 54
Severity
7.8
EPSS
0.02%
First published (updated )
CVE-2025-6020

pam_pkcs11: Possible Authentication Bypass in Error Situations (CVE-2025-24531)

First published (updated )
https://seclists.org/oss-sec/2025/q1/113
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pam_pkcs11: Possible Authentication Bypass in Error Situations (CVE-2025-24531)

First published (updated )
https://seclists.org/oss-sec/2025/q1/109

pam-u2f: problematic PAM_IGNOturn values in pam_sm_authenticate() (CVE-2025-23013)

First published (updated )
https://seclists.org/oss-sec/2025/q1/27

pam-u2f: problematic PAM_IGNOturn values in pam_sm_authenticate() (CVE-2025-23013)

First published (updated )
https://seclists.org/oss-sec/2025/q1/26

pam-u2f: problematic PAM_IGNOturn values in pam_sm_authenticate() (CVE-2025-23013)

First published (updated )
https://seclists.org/oss-sec/2025/q1/25

Linux-PAM Linux-PAMPam: libpam: libpam vulnerable to read hashed password

Risk 28
Severity
4.7
First published (updated )
CVE-2024-10041
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Linux-PAM PAMA vulnerability was found in PAM. The secret is in memory, while the attacker can trigger the victim…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2319212

CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

First published (updated )
https://seclists.org/oss-sec/2024/q4/18

ubuntu/pampam: pam_namespace misses O_DIRECTORY flag in `protect_dir()` (CVE-2024-22365)

Risk 25
Severity
5.5
EPSS
0.04%
First published (updated )
CVE-2024-22365

Linux-PAM Linux-PAMThe Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH …

Risk 86
Severity
9.8
First published (updated )
CVE-2022-28321

redhat/pamA flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for no…

Risk 89
Severity
10
First published (updated )
CVE-2020-27780
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

During a review of newly added PAM modules in the linux-pam project [1] I found a vulnerability [2] …

First published (updated )
https://seclists.org/oss-sec/2020/q2/169

Linux-PAM Linux-PAMInfoleak

Risk 41
Severity
6.5
First published (updated )
CVE-2015-3238

Linux-PAM Linux-PAMFrom the original report: "If SELinux is enabled, the _unix_run_helper_binary function in Linux-PAM …

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-1228571

Linux-PAM Linux-PAMPath Traversal

Risk 35
Severity
5.8
First published (updated )
CVE-2014-2583

Linux-PAM pam_userdbIt was found that in pam_userdb module for PAM, password hashes weren't compared case-sensitively, w…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1038555
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Linux-PAM Linux-PAMBuffer Overflow

Risk 34
Severity
4.6
First published (updated )
CVE-2011-3148

Linux-PAM Linux-PAMBuffer Overflow

Risk 13
Severity
2.1
First published (updated )
CVE-2011-3149

Linux-PAM Linux-PAMThe pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.…

Risk 28
Severity
4.9
First published (updated )
CVE-2010-4706

Linux-PAM Linux-PAMThe check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earli…

Risk 28
Severity
4.9
First published (updated )
CVE-2010-4707

Linux-PAM Linux-PAMThe pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a use…

Risk 63
Severity
7.2
First published (updated )
CVE-2010-4708
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Linux-PAM Linux-PAMThe privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka …

Risk 12
Severity
1.9
First published (updated )
CVE-2010-3431

Linux-PAM Linux-PAMpam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment…

Risk 61
Severity
6.9
First published (updated )
CVE-2010-3853

Linux-PAM Linux-PAMThe privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka …

Risk 26
Severity
4.7
First published (updated )
CVE-2010-3430

Linux-PAM Linux-PAMThe pam_mail and pam_env modules in Linux-PAM before 1.1.2 did not drop privileges before accessing …

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-641361

Linux-PAM Linux-PAMIt was reported that pam_env and pam_mail modules do not drop privileges before accessing users' fil…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-641335
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203