19 matches found
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463: Sudo Privilege Escalation chroot Este repos...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
Heavily influenced/copied/based on the format of a similar repo...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
📌 CVE-2025-32463 — Sudo --chroot Local Privilege Escalation...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
Vulnerable: sudo 1.9.14 to 1.9.17 Patched...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463: Sudo Local Privilege Escalation Vulnerability...
EUVD-2021-1275
Malware in sbrugna...
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
Sudo CVE-2025-32463 — PoC...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463 Exploit Tool This repository contains a Go-bas...
AZL-64449 CVE-2025-32462 affecting package sudo for versions less than 1.9.17-1
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines...
AZL-64464 CVE-2025-32463 affecting package sudo for versions less than 1.9.17-1
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...
AZL-64461 CVE-2025-32462 affecting package sudo for versions less than 1.9.17-1
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines...
PT-2025-27465
Name of the Vulnerable Software and Affected Versions: Sudo versions 1.8.8 through 1.9.17 Description: Sudo, a program designed to provide limited super user privileges, contains a vulnerability due to incorrect handling of the host (-h or --host) option. This flaw allows a local user to potentiall...
HashiCorp Consul: Multiple Vulnerabilities
Background: HashiCorp Consul is a tool for service discovery, monitoring and configuration. Description: Multiple vulnerabilities have been discovered in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details...
Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that HTTP health check endpoints returning an HTTP redirect may be abused as a vector for server-side request forgery (SSRF). This vulnerability, CVE-2022-29153, was fixed in Consul 1.9.17, 1.10.10, and 1.11.5...
PT-2022-19418 · Hashicorp +3 · Hashicorp Consul +4
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.9.16 and earlier, 1.10.9 and earlier, 1.11.4 and earlier Description: A server-side request forgery issue may occur when the Consul client agent follows redirects returned by HTTP health check...
CVE-2020-26241
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...
Design/Logic Flaw
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...
PT-2020-16369 · Ethereum · Geth
Name of the Vulnerable Software and Affected Versions: Geth versions prior to 1.9.17 Description: This is a Consensus vulnerability in Geth that can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy contract did a shallow copy on...