CVE-2025-14287

creationtimestamp| type| source ---|---|--- 2026-04-14 20:37:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mjiabzzpsw2y...

a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +946 more potentially affected by CVE-2025-14287 via mlflow (>=0.8.2 <=3.6.0rc0)

mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2025-14287 Source advisory: OSV:GHSA-XCH3-2F9X-WH9F...

abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +751 more potentially affected by CVE-2025-14287 via mlflow-skinny (>=3.0.0 <=3.8.0)

mlflow-skinny PYPI version =3.0.0, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.10 and more Source cves: CVE-2025-14287 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16698158...

abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +694 more potentially affected by CVE-2025-14287 via mlflow (>=3.0.0rc2 <=3.6.0rc0)

mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.10 and more Source cves: CVE-2025-14287 Source advisory: SNYK:PYTHON-MLFLOW-15674468...

MiracleLinux 7 : sudo-1.8.23-4.el7.1 (AXSA:2019-4363:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4363:03 advisory. Security Fix - sudoALL Runas ID 0xffffffff PAM CVE-2019-14287 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from...

TencentOS Server 3: sudo (TSSA-2022:0113)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0113 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

RHEL 5 : sudo (RHSA-2019:4191)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:4191 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

K53746212: Sudo vulnerability CVE-2019-14287

Security Advisory Description In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration...

Mageia: Security Advisory (MGASA-2019-0298)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:14193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2656-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2666-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2668-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : sudo (CESA-2019:3694)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2019:3694 advisory. - sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword CVE-2019-14287 Note that Nessus has not tested for this issue but has instead relied...

Virtuozzo 6 : sudo / sudo-devel (VZLSA-2019-3755)

An update for sudo is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

sudo security, bug fix, and enhancement update

1.8.29-5 - RHEL 8.2 ERRATUM - CVE-2019-18634 Resolves: rhbz1798093 1.8.29-4 - RHEL 8.2 ERRATUM - CVE-2019-19232 Resolves: rhbz1786987 Resolves: rhbz1796518 1.8.29-2 - RHEL 8.2 ERRATUM - rebase to 1.8.29 Resolves: rhbz1733961 Resolves: rhbz1651662 1.8.28p1-1 - RHEL 8.2 ERRATUM - rebase to 1.8.28p1...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1279)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for sudo (FEDORA-2020-7c1b270959)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

GLSA-202003-12 : sudo: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-12 sudo: Multiple vulnerabilities Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details. Impact : A local attacker could expose or corrupt memory information,...