CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/06/03 12:0 a.m.•17 views

RHEL 5 : sudo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: noexec bypass via wordexp CVE-2016-7076 - sudo before 1.8.12 does not ensure that the TZ environmen...

7.8CVSS6.9AI score0.0339EPSS

Exploits6References7

OpenVAS•added 2023/03/08 12:0 a.m.•16 views

Debian: Security Advisory (DLA-707-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00497EPSS

Exploits0References3

OpenVAS•added 2022/01/28 12:0 a.m.•18 views

Mageia: Security Advisory (MGASA-2016-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tenable Nessus•added 2021/10/27 12:0 a.m.•27 views

Exploits0References6

NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)

The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during...

7.8CVSS7.6AI score0.99305EPSS

Exploits108References25

OpenVAS•added 2021/04/19 12:0 a.m.•24 views

SUSE: Security Advisory (SUSE-SU-2016:2904-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00497EPSS

Exploits1References8

Ubuntu•added 2020/09/28 12:54 p.m.•76 views

USN-3968-3: Sudo vulnerabilities

USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use...

OpenVAS•added 2020/01/23 12:0 a.m.•24 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2017-1004)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.00497EPSS

OpenVAS•added 2020/01/23 12:0 a.m.•22 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2018-1380)

7.8CVSS7.8AI score0.00497EPSS

Cloud Foundry•added 2019/05/20 12:0 a.m.•104 views

USN-3968-1: Sudo vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and...

8.2CVSS7.7AI score0.00573EPSS

OpenVAS•added 2019/05/07 12:0 a.m.•24 views

Ubuntu: Security Advisory (USN-3968-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.3AI score0.00573EPSS

Tenable Nessus•added 2019/05/07 12:0 a.m.•29 views

Ubuntu 16.04 LTS : Sudo vulnerabilities (USN-3968-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3968-1 advisory. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use...

8.2CVSS7.5AI score0.00573EPSS

Exploits0References3

Ubuntu•added 2019/05/06 5:19 p.m.•116 views

USN-3968-1: Sudo vulnerabilities

Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. CVE-2016-7076 It was discovered that Sudo did not properly parse the...

8.2CVSS7AI score0.00573EPSS

IBM Security Bulletins•added 2019/01/31 2:25 a.m.•30 views

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in sudo.

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in sudo. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in sudo. Vulnerability Details CVEID: CVE-2016-7032 Description: Sudo could allow ...

7.8CVSS0.9AI score0.00497EPSS

Tenable Nessus•added 2018/11/21 12:0 a.m.•29 views

EulerOS Virtualization 2.5.1 : sudo (EulerOS-SA-2018-1380)

According to the version of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen, or...

NVD•added 2018/05/29 1:29 p.m.•15 views

CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...