sudo vulnerabilities and exploits
NA
CVE-2014-4870
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.
Brocade Vyatta 5400 Vrouter Software 6.4
Brocade Vyatta 5400 Vrouter Software 6.6
Brocade Vyatta 5400 Vrouter Software 6.7
Brocade Vyatta 5400 Vrouter -
NA
CVE-2024-37408
fprintd up to and including 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintd.so" for Sudo.
8.8
CVSSv3
CVE-2018-15359
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
Eltex Esp-200 Firmware 1.2.0
7.8
CVSSv3
CVE-2020-10587
antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration.
Antixlinux Antix Linux -
Mxlinux Mx Linux -
9.8
CVSSv3
CVE-2022-2104
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).
Secheron Sepcos Control And Protection Relay Firmware
7.2
CVSSv3
CVE-2021-24011
A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.
Fortinet Fortinac
7.8
CVSSv3
CVE-2022-31244
Nokia OneNDS 17r2 has an Insecure Permissions vulnerability that allows for privilege escalation.
Nokia One-network Directory Server 17r2
7.8
CVSSv3
CVE-2021-44954
In QVIS NVR DVR prior to 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration.
Qvis Dvr Firmware
Qvis Nvr Firmware
8.8
CVSSv3
CVE-2017-5198
SolarWinds LEM (aka SIEM) prior to 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.
Solarwinds Log And Event Manager
5.5
CVSSv3
CVE-2021-47546
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a `fib` rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain to...
Linux Linux Kernel