|
1341
|
6.3 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rathe…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-47274
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1342
|
8.1 |
HIGH
Network
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage…
|
CWE-863
Incorrect Authorization
|
CVE-2026-48064
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1343
|
6.7 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evalu…
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-48065
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1344
|
5.7 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the ad…
|
CWE-362
CWE-476
Race Condition
NULL Pointer Dereference
|
CVE-2026-48066
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1345
|
4.4 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event* nodes, causing pusb_has_vi…
|
CWE-390
CWE-693
Detection of Error Condition Without Action
Protection Mechanism Failure
|
CVE-2026-48792
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1346
|
7.8 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly withou…
|
CWE-78
OS Command
|
CVE-2026-44709
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1347
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/device.c passed the return values of udisks_drive_get_serial(), udisks_drive_get_vendor(), and u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-44710
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1348
|
8.2 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is…
|
CWE-78
CWE-88
OS Command
Argument Injection
|
CVE-2026-44712
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1349
|
8.8 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the so…
|
CWE-78
CWE-116
OS Command
Improper Encoding or Escaping of Output
|
CVE-2026-44713
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1350
|
7.4 |
HIGH
Network
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb's deny_remote feature checks utmpx ut_addr_v6 to detect whether an authentication request o…
|
CWE-284
Improper Access Control
|
CVE-2026-47269
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
