RLSA-2026:19067 Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

TencentOS Server 2: sudo (TSSA-2026:0298)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0298 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-35535)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-35535 advisory. - In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call,...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463chwoot English documenthttps://github.com/Yu...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103068)

The version of AHV installed on the remote host is prior to 20230302.103068. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103068 advisory. - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17,...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Exploit Tool This repository contains a Go-bas...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.79 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.79 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

sudo: LPE via host option

A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...

sudo: LPE via host option

A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...

DEBIAN-CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...

Progress Flowmon Local sudo privilege escalation

This module abuses a feature of the sudo command on Progress Flowmon. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. This includes executing a PHP command with a specific file name. If the file is overwritten with PHP code it c...

RHEL 5 : sudo (RHSA-2019:4191)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:4191 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update

An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update

An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.10055)

The version of AHV installed on the remote host is prior to 20220304.10055. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.10055 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.385)

The version of AHV installed on the remote host is prior to 20220304.385. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.385 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.2.6)

The version of AOS installed on the remote host is prior to 6.5.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.2.6 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 -...

SUSE CVE-2006-0151

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158...

SUSE CVE-2007-3149

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

SUSE CVE-2010-2956

Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...