Show filters
19 Total Results
Displaying 1-10 of 19
Sort by:
Attacker Value
Unknown

CVE-2025-24507

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
This vulnerability allows appliance compromise at boot time.
0
0
Attacker Value
Unknown

CVE-2025-24506

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.
0
0
Attacker Value
Unknown

CVE-2025-24505

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.
0
0
Attacker Value
Unknown

CVE-2025-24504

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
An improper input validation the CSRF filter results in unsanitized user input written to the application logs.
0
0
Attacker Value
Unknown

CVE-2025-24503

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.
0
0
Attacker Value
Unknown

CVE-2025-24502

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
0
0
Attacker Value
Unknown

CVE-2025-24501

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.
0
0
Attacker Value
Unknown

CVE-2025-24500

Disclosure Date: January 30, 2025 (last updated January 31, 2025)
The vulnerability allows an unauthenticated attacker to access information in PAM database.
0
0
Attacker Value
Unknown

CVE-2024-38496

Disclosure Date: July 15, 2024 (last updated July 16, 2024)
The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.
0
0
Attacker Value
Unknown

CVE-2024-38495

Disclosure Date: July 15, 2024 (last updated July 16, 2024)
A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.
0
0
View More Topics  Next >