Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sudo vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-30462
VestaCP up to and including 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.
Vestacp Vesta Control Panel
NA
CVE-2013-1068
The OpenStack Nova (python-nova) package 1:2013.2.3-0 prior to 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 prior to 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 prior to 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 prior to 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 a...
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 13.10
NA
CVE-2011-5275
The install script in Domain Technologie Control (DTC) prior to 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges.
Gplhost Domain Technologie Control 0.29.8
Gplhost Domain Technologie Control 0.28.9
Gplhost Domain Technologie Control 0.32.1
Gplhost Domain Technologie Control 0.25.3
Gplhost Domain Technologie Control 0.30.6
Gplhost Domain Technologie Control 0.26.9
Gplhost Domain Technologie Control 0.29.1
Gplhost Domain Technologie Control 0.27.3
Gplhost Domain Technologie Control 0.28.4
Gplhost Domain Technologie Control
Gplhost Domain Technologie Control 0.32.3
Gplhost Domain Technologie Control 0.28.10
Gplhost Domain Technologie Control 0.25.1
Gplhost Domain Technologie Control 0.30.18
Gplhost Domain Technologie Control 0.26.8
Gplhost Domain Technologie Control 0.28.6
Gplhost Domain Technologie Control 0.28.2
Gplhost Domain Technologie Control 0.32.2
Gplhost Domain Technologie Control 0.29.14
Gplhost Domain Technologie Control 0.29.17
Gplhost Domain Technologie Control 0.26.7
Gplhost Domain Technologie Control 0.29.16
NA
CVE-2001-1240
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.
Engardelinux Secure Linux 1.0.1
7.8
CVSSv3
CVE-2020-10588
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo.
V2rayl Project V2rayl 2.1.3
7.8
CVSSv3
CVE-2023-36624
Loxone Miniserver Go Gen.2 up to and including 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement.
Loxone Miniserver Go Gen 2 Firmware
6.4
CVSSv3
CVE-2023-5536
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.
Canonical Ubuntu Linux
6.7
CVSSv3
CVE-2016-0905
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server prior to 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.
Emc Avamar Server
NA
CVE-2005-1387
Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes.
Kristofer Szymanski Cocktail 3.5.4
8.8
CVSSv3
CVE-2020-28909
Incorrect File Permissions in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by sudo.
Nagios Fusion
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »