| Bug | Description |
|---|
| TEMP-0000000-6F6CD4 | Insecure mailbox generation in passwd's useradd |
| CVE-2019-19882 | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch L ... |
| CVE-2018-16588 | Privilege escalation can occur in the SUSE useradd.c code in useradd, ... |
| CVE-2018-7169 | An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is ... |
| CVE-2017-20002 | The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ... |
| CVE-2017-12424 | In shadow before 4.5, the newusers tool could be made to manipulate in ... |
| CVE-2017-2616 | A race condition was found in util-linux before 2.32.1 in the way su h ... |
| CVE-2016-6252 | Integer overflow in shadow 4.2.1 allows local users to gain privileges ... |
| CVE-2011-0721 | Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in sh ... |
| CVE-2008-5394 | /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other ... |
| CVE-2006-3597 | passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password bla ... |
| CVE-2006-3378 | passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called ... |
| CVE-2006-1844 | The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.5 ... |
| CVE-2006-1376 | The installation of Debian GNU/Linux 3.1r1 from the network install CD ... |
| CVE-2006-1183 | The Ubuntu 5.10 installer does not properly clear passwords from the i ... |
| CVE-2006-1174 | useradd in shadow-utils before 4.0.3, and possibly other versions befo ... |
| CVE-2005-4890 | There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo ... |
| CVE-2004-1001 | Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, ... |
| CVE-2002-1594 | Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a sy ... |