320 matches found
Amazon Linux 2 : python-urllib3, --advisory ALAS2-2026-3156 (ALAS-2026-3156)
The version of python-urllib3 installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3156 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number...
MiracleLinux 8 : sudo-1.8.29-6.el8.1 (AXSA:2021-1334:04)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1334:04 advisory. sudo: Heap buffer overflow in argument parsing CVE-2021-3156 Tenable has extracted the preceding description block directly from the MiracleLinux security...
MiracleLinux 7 : sudo-1.8.23-10.el7.1 (AXSA:2021-1325:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1325:02 advisory. sudo: Heap buffer overflow in argument parsing CVE-2021-3156 Tenable has extracted the preceding description block directly from the MiracleLinux security...
CVE-2009-3156 vulnerabilities
Vulnerabilities for packages: drupal...
Security Bulletin: Vulnerability in Sudo package affects IBM Integrated Analytics System.
Summary The Sudo package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2021-3156, CVE-2019-19234, CVE-2019-19232. Vulnerability Details CVEID:CVE-2021-3156 DESCRIPTION: Sudo before 1.9.5p2 contains an off-by-one error that can resu...
QNAP QTS Heap-Based Buffer Overflow Vulnerability (QSA-21-02, Baron Samedit)
QNAP QTS is prone to a heap-based buffer overflow vulnerability in sudo dubbed...
CVE-2025-3156
creationtimestamp | type | source
---|---|---
2025-07-06 01:22:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ltb4azsqfi2a...
Linux Distros Unpatched Vulnerability : CVE-2024-3156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a...
Linux Distros Unpatched Vulnerability : CVE-2016-3156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service host...
Linux Distros Unpatched Vulnerability : CVE-2015-3156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The writeconfig function in trove/guestagent/datastore/experimental/mongodb/service.py, resetconfiguration function in...
Exploit for Off-by-one Error in Sudo_Project Sudo
Baron Samedit PoC Description This is a Proof-of-Concept...
SUSE: Security Advisory (SUSE-SU-2024:4389-1)
The remote host is missing an update for the...
SUSE SLES12 Security Update : sudo (SUSE-SU-2024:4389-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4389-1 advisory. - CVE-2021-3156: Fixed regression in CVE bsc1234371 Tenable has extracted the preceding description block directly from the SUSE security advisory. Not...
Security update for sudo
This update for sudo fixes the following issues: CVE-2021-3156: Fixed regression in CVE bsc1234371 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
SUSE-SU-2024:4389-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2021-3156: Fixed regression in CVE bsc1234371...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156-without-ip-command fork of worawit/CVE-2021-315...
Synology DiskStation Manager Sudo Off-by-one Error (CVE-2021-3156)
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character. This plugin only works with Tenable.ot. Please visit...
Fedora: Security Advisory (FEDORA-2024-39b249a59c)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2024:3156-1)
The remote host is missing an update for the...
RHEL 8 : Red Hat OpenStack Platform 16.1 (RHSA-2023:3156)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3156 advisory. Security Fixes: EMBARGOED CVE-2023-2088 openstack-cinder: silently access other user's volumes CVE-2023-2088 For more details about the security...