Логотип exploitDog
bind:"CVE-2025-6018"
Консоль
Логотип exploitDog

exploitDog

bind:"CVE-2025-6018"

Количество 19

Количество 19

ubuntu логотип

CVE-2025-6018

15 дней назад

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
EPSS: Низкий
redhat логотип

CVE-2025-6018

около 2 месяцев назад

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
EPSS: Низкий
nvd логотип

CVE-2025-6018

15 дней назад

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
EPSS: Низкий
debian логотип

CVE-2025-6018

15 дней назад

A Local Privilege Escalation (LPE) vulnerability has been discovered i ...

CVSS3: 7.8
EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02082-1

около 1 месяца назад

Security update for pam-config

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02081-1

около 1 месяца назад

Security update for pam-config

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02080-1

около 1 месяца назад

Security update for pam-config

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02032-1

около 2 месяцев назад

Security update for pam_pkcs11

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02031-1

около 2 месяцев назад

Security update for pam_pkcs11

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02026-1

около 2 месяцев назад

Security update for pam_pkcs11

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02015-1

около 2 месяцев назад

Security update for gdm

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02005-1

около 2 месяцев назад

Security update for gdm

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02004-1

около 2 месяцев назад

Security update for gdm

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02003-1

около 2 месяцев назад

Security update for gdm

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02002-1

около 2 месяцев назад

Security update for gdm

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02001-1

около 2 месяцев назад

Security update for pam

EPSS: Низкий
github логотип

GHSA-cg9q-xmf9-7r6w

15 дней назад

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
EPSS: Низкий
fstec логотип

BDU:2025-07575

около 2 месяцев назад

Уязвимость компонента Udisks модуля аутентификации Linux-PAM, позволяющая нарушителю повысить свои привилегии до уровня root

CVSS3: 8.4
EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02013-1

около 2 месяцев назад

Security update for pam

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2025-6018

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
0%
Низкий
15 дней назад
redhat логотип
CVE-2025-6018

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
0%
Низкий
около 2 месяцев назад
nvd логотип
CVE-2025-6018

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
0%
Низкий
15 дней назад
debian логотип
CVE-2025-6018

A Local Privilege Escalation (LPE) vulnerability has been discovered i ...

CVSS3: 7.8
0%
Низкий
15 дней назад
suse-cvrf логотип
SUSE-SU-2025:02082-1

Security update for pam-config

0%
Низкий
около 1 месяца назад
suse-cvrf логотип
SUSE-SU-2025:02081-1

Security update for pam-config

0%
Низкий
около 1 месяца назад
suse-cvrf логотип
SUSE-SU-2025:02080-1

Security update for pam-config

0%
Низкий
около 1 месяца назад
suse-cvrf логотип
SUSE-SU-2025:02032-1

Security update for pam_pkcs11

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02031-1

Security update for pam_pkcs11

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02026-1

Security update for pam_pkcs11

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02015-1

Security update for gdm

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02005-1

Security update for gdm

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02004-1

Security update for gdm

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02003-1

Security update for gdm

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02002-1

Security update for gdm

0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02001-1

Security update for pam

0%
Низкий
около 2 месяцев назад
github логотип
GHSA-cg9q-xmf9-7r6w

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS3: 7.8
0%
Низкий
15 дней назад
fstec логотип
BDU:2025-07575

Уязвимость компонента Udisks модуля аутентификации Linux-PAM, позволяющая нарушителю повысить свои привилегии до уровня root

CVSS3: 8.4
0%
Низкий
около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02013-1

Security update for pam

около 2 месяцев назад

Уязвимостей на страницу