Vulnerabilidades en mcdope
22 resultadosCVE-2026-48064HIGHpam_usb: PAM_RHOST check skipped when deny_remote=false allows XDMCP authentication bypassEPSS 0.3%CVE-2026-47269HIGHpam_usb: deny_remote feature incorrectly classifies IPv4-mapped IPv6 remote connections as localEPSS 0.3%CVE-2026-47273MEDIUMpam_usb: XPath injection via PAM-supplied identifiers in pam_usb configuration queriesEPSS 0.3%CVE-2026-44710MEDIUMpam_usb: NULL pointer dereference from UDisks device fields causes PAM crash and login denial-of-serviceEPSS 0.2%CVE-2026-44711HIGHpam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruptionEPSS 0.2%CVE-2026-44713HIGHpam_usb: Command injection via $TMUX environment variable leads to RCE as rootEPSS 0.2%CVE-2026-44712HIGHpam_usb: Shell injection via device UUID and username in pamusb-conf and pamusb-agentEPSS 0.2%CVE-2026-44709HIGHpam_usb: PINENTRY_FALLBACK_APP environment variable allows arbitrary command executionEPSS 0.2%CVE-2026-48065MEDIUMpam_usb: Unchecked integer multiplication before xmalloc() in conf.c allows heap-based buffer overflow on 32-bit targetsEPSS 0.1%CVE-2026-47274MEDIUMpam_usb: Uncontrolled search path in pam_usb tools allows privilege escalation via PATH manipulationEPSS 0.1%CVE-2026-48792MEDIUMpam_usb: pusb_has_virtual_input_device() silently discards EACCES, disabling remote desktop detection under non-root executionEPSS 0.1%CVE-2026-48980MEDIUMpam_usb: getenv() used in PAM context allows environment variable injection into local-check logicEPSS 0.1%CVE-2026-47271MEDIUMpam_usb: OOM guards removed by -DNDEBUG cause NULL dereference and authentication process crashEPSS 0.1%CVE-2026-47272HIGHpam_usb: OTP pad authentication bypass via missing system pad check and uninitialized RNG bufferEPSS 0.1%CVE-2026-48066MEDIUMpam_usb: Thread-unsafe static pointer in log.c causes data race under concurrent PAM authenticationEPSS 0.1%CVE-2026-48981MEDIUMpam_usb: xmlReadFile flags=0 permits XXE network entity fetching in conf.cEPSS 0.1%CVE-2026-48985MEDIUMpam_usb: NULL Dereference Crash in pusb_is_loginctl_local when loginctl Returns Empty Remote FieldEPSS 0.1%CVE-2026-48984MEDIUMpam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heapEPSS 0.1%CVE-2026-47270MEDIUMpam_usb: strtok() race condition in multi-threaded PAM hosts can corrupt deny_remote resultEPSS 0.1%CVE-2026-48986MEDIUMpam_usb: Infinite loop DoS in process-tree walk when parent process exits during authenticationEPSS 0.1%