Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sudo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-202242
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.
NA
CVE-2023-202172
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read root-only files via the dig command without a password.
NA
CVE-2023-228092
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 suffers from an unpatched vulnerability in sudoedit, allowed by sudo configuration, which permits a low-privilege user to modify arbitrary files as root and subsequently execute arbitrary...
NA
CVE-2023-20217
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local malicious user to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating syst...
Cisco Thousandeyes Enterprise Agent
Cisco Thousandeyes Recorder -
NA
CVE-2023-20224
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local malicious user to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-suppl...
Cisco Thousandeyes Enterprise Agent
NA
CVE-2023-36624
Loxone Miniserver Go Gen.2 up to and including 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement.
Loxone Miniserver Go Gen 2 Firmware
NA
CVE-2023-33747
CloudPanel v2.2.2 allows malicious users to execute a path traversal.
Mgt-commerce Cloudpanel
2 Github repositories
NA
CVE-2023-32696
CKAN is an open-source data management system for powering data hubs and data portals. Prior to versions 2.9.9 and 2.10.1, the `ckan` user (equivalent to www-data) owned code and configuration files in the docker container and the `ckan` user had the permissions to use sudo. Thes...
Okfn Ckan 2.10.0
Okfn Ckan
NA
CVE-2022-30759
In Nokia One-NDS (aka Network Directory Server) up to and including 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands.
Nokia One-nds
NA
CVE-2022-31244
Nokia OneNDS 17r2 has Insecure Permissions vulnerability that allows for privilege escalation.
Nokia One-network Directory Server 17r2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »