Lucene search

18 matches found

OSV
added 2025/10/27 6:23 p.m. · 1 view

JLSEC-2025-191 A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVSS 5.5 · AI score 6.5 · EPSS 0.00025
Exploits: 0 · References: 6
SUSE CVE
added 2023/02/15 4:58 a.m. · 1 view

SUSE CVE-2016-7091

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw ...

CVSS 4.4 · AI score 6.4 · EPSS 0.00069
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 3:35 a.m. · 1 view

SUSE CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVSS 5.5 · AI score 9.1 · EPSS 0.00025
Exploits: 0 · References: 3
Microsoft CVE
added 2022/03/08 8:0 a.m. · 2 views

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

...

CVSS 5.5 · AI score 5.6 · EPSS 0.00025
Exploits: 0
OSV
added 2022/02/21 7:15 p.m. · 0 views

DEBIAN-CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVSS 5.5 · AI score 5.8 · EPSS 0.00025
Exploits: 0 · References: 1
OSV
added 2022/02/21 7:15 p.m. · 1 view

ALPINE-CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVSS 5.5 · AI score 6.5 · EPSS 0.00025
Exploits: 0 · References: 1
Positive Technologies
added 2022/02/21 12:0 a.m. · 4 views

PT-2022-13263 · Unknown +2 · Util-Linux +2

Name of the Vulnerable Software and Affected Versions: util-linux versions prior to 2.37.4 Description: A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get a path to the library config fil...

CVSS 5.5 · AI score 5.8 · EPSS 0.327
Exploits: 6 · References: 39
Debian CVE
added 2022/02/21 12:0 a.m. · 377 views

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVSS 5.5 · AI score 5.5 · EPSS 0.00025
Exploits: 0
OpenVAS
added 2020/02/06 12:0 a.m. · 9 views

Linux: 'readonly TMOUT' in /etc/profile

When invoked interactively with the --login option or when invoked as sh, Bash reads the /etc/profile instructions. These usually set the shell variables PATH, USER, MAIL, HOSTNAME and HISTSIZE. On some systems, the umask value is configured in /etc/profile, on other systems this file holds...

AI score 7.2
Exploits: 0 · References: 1
OSV
added 2016/12/22 9:59 p.m. · 1 view

CVE-2016-7091

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw ...

CVSS 4.4 · AI score 5.8
Exploits: 0 · References: 3
NVD
added 2016/12/22 9:59 p.m. · 13 views

CVE-2016-7091

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw ...

CVSS 4.9 · AI score 5.6 · EPSS 0.00069
Exploits: 0 · References: 3
Tenable Nessus
added 2016/12/15 12:0 a.m. · 28 views

Scientific Linux Security Update : sudo on SL7.x x86_64 (20161103)

Security Fixes : - It was discovered that the default sudo configuration preserved the value of INPUTRC from the user's environment, which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from...

CVSS 4.9 · AI score 5.5 · EPSS 0.00069
Exploits: 0 · References: 2
Tenable Nessus
added 2016/11/28 12:0 a.m. · 48 views

CentOS 7 : sudo (CESA-2016:2593)

An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...

CVSS 4.9 · AI score 5.6 · EPSS 0.00069
Exploits: 0 · References: 2
Tenable Nessus
added 2016/11/11 12:0 a.m. · 56 views

Oracle Linux 7 : sudo (ELSA-2016-2593)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-2593 advisory. 1.8.6p7-20 - RHEL 7.3 erratum - fixed visudo's -q flag Resolves: rhbz1350828 1.8.6p7-19 - RHEL 7.3 erratum - removed INPUTRC from envkeep to prevent a potential...

CVSS 4.9 · AI score 5.7 · EPSS 0.00069
Exploits: 0 · References: 2
Oracle linux
added 2016/11/09 12:0 a.m. · 27 views

sudo security, bug fix, and enhancement update

1.8.6p7-20 - RHEL 7.3 erratum - fixed visudo's -q flag Resolves: rhbz1350828 1.8.6p7-19 - RHEL 7.3 erratum - removed INPUTRC from envkeep to prevent a potential info leak Resolves: rhbz1340700 1.8.6p7-18 - RHEL 7.3 erratum - removed requiretty flag from the default sudoers policy - backported...

CVSS 4.9 · AI score 5.2 · EPSS 0.00069
Exploits: 0
RedHat Linux
added 2016/11/03 8:10 a.m. · 2 views

sudo: Possible info leak via INPUTRC

It was discovered that the default sudo configuration preserved the value of INPUTRC from the user's environment, which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files...

CVSS 4.9 · AI score 7.1 · EPSS 0.00069
Exploits: 0 · References: 4
RedHat Linux
added 2016/11/03 8:10 a.m. · 26 views

Low: Red Hat Security Advisory: sudo security, bug fix, and enhancement update

An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 4.9 · AI score 6.2 · EPSS 0.00069
Exploits: 0 · References: 8
RedhatCVE
added 2016/08/26 12:48 a.m. · 25 views

CVE-2016-7091

It was discovered that the default sudo configuration preserved the value of INPUTRC from the user's environment, which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files...

CVSS 4.9 · AI score 3.2 · EPSS 0.00069
Exploits: 0 · References: 1