
60 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m., 4 views

MiracleLinux 4 : sssd-1.12.4-47.AXS4.4 (AXSA:2015-557:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-557:03 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...

CVSS 6.8, AI score 7.2, EPSS 0.02687
Exploits: 0, References: 2

Cvelist
added 2025/11/17 5:48 p.m., 6 views

CVE-2025-34323 Nagios Log Server < 2026R1.0.1 Local Privilege Escalation via Writable Scripts and Sudo Rules

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...

CVSS 8.5, EPSS 0.00016
Exploits: 0, References: 4

CNNVD
added 2025/11/17 12:0 a.m., 2 views

Nagios Log Server Security Vulnerability

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2026R1.0.1, which stems from an insecure interaction between sudo rules and filesystem permissions, which could le...

CVSS 8.5, AI score 6.2, EPSS 0.00016
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-54661

Malicious code in bioql PyPI...

CVSS 7.3, AI score 6.5, EPSS 0.0005
Exploits: 0, References: 2

Microsoft CVE
added 2025/07/17 7:0 a.m., 2 views

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries.

...

CVSS 7.8, AI score 7, EPSS 0.00054
Exploits: 0

SUSE CVE
added 2025/07/04 11:21 p.m., 1 views

SUSE CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

CVSS 7.8, AI score 7, EPSS 0.00054
Exploits: 0, References: 3

OSV
added 2025/07/04 1:15 p.m., 1 views

DEBIAN-CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

CVSS 7.8, AI score 7.7, EPSS 0.00054
Exploits: 0, References: 1

NVD
added 2025/07/04 1:15 p.m., 1 views

CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

CVSS 7.8, EPSS 0.00054
Exploits: 0, References: 3

AlpineLinux
added 2025/07/04 12:0 a.m., 2 views

CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

CVSS 7.8, AI score 7.2, EPSS 0.00054
Exploits: 0

RedhatCVE
added 2025/06/12 11:11 a.m., 2 views

CVE-2024-13090

A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is...

CVSS 7.3, AI score 7.3, EPSS 0.0005
Exploits: 0, References: 1

CVE
added 2025/06/10 10:31 a.m., 47 views

CVE-2024-13090

CVE-2024-13090 describes a privilege escalation risk in Nozomi Guardian/CMC prior to version 24.6.0, caused by overly permissive sudo rules for a local service account. This could allow a user with service-account privileges to run commands with elevated rights if an attacker could exploit the su...

CVSS 7.3, AI score 8, EPSS 0.0005
Exploits: 0, References: 1

Cvelist
added 2025/06/10 10:31 a.m., 15 views

CVE-2024-13090 Privilege escalation in Guardian/CMC before 24.6.0

A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is...

CVSS 7.3, EPSS 0.0005
Exploits: 0, References: 1

NOZOMI
added 2025/06/10 12:0 a.m., 2 views

Privilege escalation in Guardian/CMC before 24.6.0

Summary A privilege escalation vulnerability may enable a service account to elevate its privileges. Impact The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that...

CVSS 7.3, AI score 7.4, EPSS 0.0005
Exploits: 0, Affected Software: 2

Positive Technologies
added 2025/06/10 12:0 a.m., 1 views

PT-2025-24648 · Nozomi Networks · Cmc +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A privilege escalation issue may allow a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing...

CVSS 7.3, AI score 7.2, EPSS 0.0005
Exploits: 0, References: 5

CNNVD
added 2025/06/10 12:0 a.m., 1 views

Nozomi Guardian Security Vulnerability

Nozomi Guardian is a US-based protection software. A security vulnerability exists in Nozomi Guardian that stems from an overly loose configuration of sudo rules, which could result in a service account elevating privileges to the administrator level...

CVSS 7.3, AI score 6.5, EPSS 0.0005
Exploits: 0, References: 2

Tenable Nessus
added 2024/06/03 12:0 a.m., 22 views

RHEL 7 : cifs-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cifs-utils: stack-based buffer overflow mount.cifs may lead to local privilege escalation to root...

CVSS 7.8, AI score 8.2, EPSS 0.00273
Exploits: 1, References: 3

Tenable Nessus
added 2024/05/11 12:0 a.m., 24 views

RHEL 6 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: shell command injection in sssctl CVE-2021-3621 - The UNIX pipe which sudo uses to contact SSSD and...

AI score 7.4, EPSS 0.00525
Exploits: 1, References: 5

SUSE CVE
added 2023/02/15 4:28 a.m., 2 views

SUSE CVE-2018-10852

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD befor...

CVSS 3.3, AI score 6.9, EPSS 0.00273
Exploits: 0, References: 8

OpenVAS
added 2021/09/09 12:0 a.m., 23 views

Ubuntu: Security Advisory (USN-5067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3, AI score 6.9, EPSS 0.01085
Exploits: 0, References: 2

OpenVAS
added 2021/06/09 12:0 a.m., 20 views

SUSE: Security Advisory (SUSE-SU-2018:2144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.7, EPSS 0.00273
Exploits: 0, References: 2