Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 79 results


CVE-2020-27780

High priority
Not affected

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password...

1 affected packages

pam

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pam Not affected Not affected Not affected
Show less packages

CVE-2020-27743

Medium priority
Needs evaluation

libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.

1 affected packages

libpam-tacplus

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpam-tacplus Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-13881

Low priority

Some fixes available 3 of 11

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

1 affected packages

libpam-tacplus

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpam-tacplus Not in release Needs evaluation Fixed Fixed Fixed
Show less packages

CVE-2020-10595

Medium priority
Fixed

pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a...

1 affected packages

libpam-krb5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpam-krb5 Fixed Fixed
Show less packages

CVE-2020-1931

Medium priority
Fixed

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and...

1 affected packages

spamassassin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
spamassassin Fixed Fixed
Show less packages

CVE-2020-1930

Medium priority
Fixed

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched,...

1 affected packages

spamassassin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
spamassassin Fixed Fixed
Show less packages

CVE-2019-12420

Medium priority
Fixed

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.

1 affected packages

spamassassin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
spamassassin Fixed Fixed
Show less packages

CVE-2018-11805

Medium priority
Fixed

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we...

1 affected packages

spamassassin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
spamassassin Fixed Fixed
Show less packages

CVE-2012-2350

Medium priority
Ignored

pam_shield before 0.9.4: Default configuration does not perform protective action

1 affected packages

pam-shield

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pam-shield Not affected
Show less packages

CVE-2019-16729

Medium priority

Some fixes available 2 of 4

pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.

1 affected packages

pam-python

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pam-python Not affected Fixed Fixed
Show less packages