Vulnerabilities > Linux PAM

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-06	CVE-2024-22365	Unspecified vulnerability in Linux-Pam linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. local low complexity linux-pam	5.5
2022-09-19	CVE-2022-28321	Improper Authentication vulnerability in Linux-Pam The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. network low complexity linux-pam CWE-287 critical	9.8
2020-12-18	CVE-2020-27780	Unspecified vulnerability in Linux-Pam 1.5.0 A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. network low complexity linux-pam critical	9.8
2015-08-24	CVE-2015-3238	Information Exposure vulnerability in multiple products The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password. network low complexity linux-pam oracle CWE-200	6.5

Vulnerabilities > Linux PAM {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Linux PAM"}]}