Vulnerabilities > Linux PAM > Linux PAM > 1.3.1

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-22365 Unspecified vulnerability in Linux-Pam
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
local
low complexity
linux-pam
5.5
5.5
2022-09-19 CVE-2022-28321 Improper Authentication vulnerability in Linux-Pam
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins.
network
low complexity
linux-pam CWE-287
critical
 9.8
9.8