|
991
|
5.1 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc(), xrealloc(), and xstrdup() using assert(dat…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-47271
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
992
|
7.1 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusb_pad_compare() function in src/pad.c only verified that the user-side pad (~/.pamusb/device.…
|
CWE-287
CWE-908
Improper Authentication
Use of Uninitialized Resource
|
CVE-2026-47272
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
993
|
8.1 |
HIGH
Network
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage…
|
CWE-863
Incorrect Authorization
|
CVE-2026-48064
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
994
|
6.7 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evalu…
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-48065
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
995
|
4.4 |
MEDIUM
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event* nodes, causing pusb_has_vi…
|
CWE-390
CWE-693
Detection of Error Condition Without Action
Protection Mechanism Failure
|
CVE-2026-48792
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
996
|
7.8 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly withou…
|
CWE-78
OS Command
|
CVE-2026-44709
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
997
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/device.c passed the return values of udisks_drive_get_serial(), udisks_drive_get_vendor(), and u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-44710
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
998
|
8.2 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is…
|
CWE-78
CWE-88
OS Command
Argument Injection
|
CVE-2026-44712
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
999
|
8.8 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the so…
|
CWE-78
CWE-116
OS Command
Improper Encoding or Escaping of Output
|
CVE-2026-44713
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1000
|
7.4 |
HIGH
Network
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb's deny_remote feature checks utmpx ut_addr_v6 to detect whether an authentication request o…
|
CWE-284
Improper Access Control
|
CVE-2026-47269
|
2026-05-28 22:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
