Lucene search
+L

225 matches found

Rockylinux
Rockylinux
added 2026/04/28 12:6 p.m.15 views

sudo security update

An update is available for sudo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators t...

7.8CVSS5.6AI score0.00173EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/27 10:58 a.m.11 views

sudo: Sudo: Privilege escalation due to failure in privilege drop calls

A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...

7.8CVSS5.2AI score0.00173EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2026/04/27 12:0 a.m.9 views

sudo security update

1.9.15-10.p5 - Resolves: RHEL-164619 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls...

7.4CVSS5.2AI score0.00173EPSS
Exploits0
OSV
OSV
added 2026/04/27 12:0 a.m.6 views

ALSA-2026:10758 Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

7.8CVSS5.5AI score0.00173EPSS
Exploits0References4
OSV
OSV
added 2026/04/25 5:47 a.m.7 views

OESA-2026-1998 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setui...

7.8CVSS5.3AI score0.00173EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 5:47 a.m.4 views

OESA-2026-1996 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setui...

7.8CVSS5.4AI score0.00173EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.6 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-35535)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-35535 advisory. - In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call,...

7.8CVSS5.4AI score0.00173EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.5 views

openSUSE 16 Security Update : sudo (openSUSE-SU-2026:20604-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20604-1 advisory. - CVE-2026-35535: unhandled failure of setuid, setgid or setgroups calls during a mailer privilege drop allows for local privilege escalation bsc1261420...

7.8CVSS5.5AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 9:56 a.m.6 views

OPENSUSE-SU-2026:20604-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2026-35535: unhandled failure of setuid, setgid or setgroups calls during a mailer privilege drop allows for local privilege escalation bsc1261420...

7.8CVSS5.3AI score0.00173EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/17 8:42 p.m.8 views

CVE-2026-32107

A flaw was found in xrdp, an open source Remote Desktop Protocol RDP server. The session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execut...

8.8CVSS6.3AI score0.00159EPSS
Exploits0References5
NVD
NVD
added 2026/04/17 8:16 p.m.7 views

CVE-2026-32107

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

8.8CVSS0.00159EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/17 7:25 p.m.5 views

CVE-2026-32107 xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

8.8CVSS6.2AI score0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 7:25 p.m.25 views

CVE-2026-32107 xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

8.8CVSS0.00159EPSS
Exploits0References2
OSV
OSV
added 2026/04/17 7:25 p.m.2 views

CVE-2026-32107 xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

8.8CVSS7.6AI score0.00159EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/04/17 7:25 p.m.4 views

CVE-2026-32107

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

8.8CVSS6.2AI score0.00159EPSS
Exploits0
OSV
OSV
added 2026/04/17 12:59 p.m.13 views

OESA-2026-1908 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setui...

7.8CVSS5.8AI score0.00173EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.5 views

PT-2026-33488

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description The session execution component of this open source RDP server fails to properly handle errors during the privilege drop process. This improper privilege management allows an authenticated local attack...

8.8CVSS6.3AI score0.00607EPSS
Exploits0References18
OSV
OSV
added 2026/04/16 12:52 p.m.3 views

SUSE-SU-2026:21252-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2026-35535: unhandled failure of setuid, setgid or setgroups calls during a mailer privilege drop allows for local privilege escalation bsc1261420...

7.8CVSS5.2AI score0.00173EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/03 3:31 a.m.9 views

EUVD-2026-18571

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation...

7.4CVSS5.9AI score0.00173EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/03 3:16 a.m.7 views

CVE-2026-35535

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation...

7.8CVSS5.9AI score0.00173EPSS
Exploits0References6
Rows per page
Query Builder