OPENSUSE-SU-2026:10510-1 sudo-1.9.17p2-2.1 on GA media

These are all security issues fixed in the sudo-1.9.17p2-2.1 package on the GA media of openSUSE Tumbleweed...

MiracleLinux 3 : sudo-1.7.2p1-14.AXS3.3 (AXSA:2012-777:03)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-777:03 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...

MiracleLinux 3 : sudo-1.6.9p17-3AXS3.1 (AXSA:2009-35:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-35:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...

EulerOS 2.0 SP13 : sudo (EulerOS-SA-2025-2311)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute...

EUVD-2013-2715

Malware in sbrugna...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: sudo (UTSA-2025-345443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-345443 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on...

Advisory ROSA-SA-2025-2973

software: sudo 1.9.17p1 WASP: ROSA-CHROME unaffected versions = sudo-1.9.17p1-1 affected versions sudo-1.9.17p1-1 CVE-ID: CVE-2025-32462 BDU-ID: 2025-08356 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the authorization mechanism...

EulerOS 2.0 SP11 : sudo (EulerOS-SA-2025-1944)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute...

📄 Sudo 1.9.17 Privilege Escalation

Sudo versions 1.9.17 and below suffers from a local privilege escalation vulnerability via the Host option. Exploit Title: Sudo 1.9.17 Host Option - Elevation of Privilege Date: 2025-06-30 Exploit Author: Rich Mirch Vendor Homepage: https://www.sudo.ws Software Link:...

DEBIAN-CVE-2025-32462

Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines...

Linux Distros Unpatched Vulnerability : CVE-2016-7076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a use...

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809 Exploiter Scripts Disclaimer This script is pr...

SUSE CVE-2023-42465

Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on not equaling an error value instead of equaling a success value, and because the values do not resist flips of a single bit...

sudo 1.9.12p1 Privilege Escalation

!/usr/bin/env bash Exploit Title: sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit Author: n3m1.sys CVE: CVE-2023-22809 Date: 2023/01/21 Vendor Homepage: https://www.sudo.ws/ Software Link: https://www.sudo.ws/dist/sudo-1.9.12p1.tar.gz Version: 1.8.0 to 1.9.12p1 Tested on: Ubuntu Server 22.0...

sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit

!/usr/bin/env bash Exploit Title: sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit Author: n3m1.sys CVE: CVE-2023-22809 Date: 2023/01/21 Vendor Homepage: https://www.sudo.ws/ Software Link: https://www.sudo.ws/dist/sudo-1.9.12p1.tar.gz Version: 1.8.0 to 1.9.12p1 Tested on: Ubuntu Server 22.0...

SUSE CVE-2023-28487

Sudo before 1.9.13 does not escape control characters in sudoreplay output...

SUSE CVE-2005-4158

Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the 1 PERLLIB, 2 PERL5LIB, and 3 PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included...

CVE-2023-22809

In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo Baron Samed...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Introduction This repository was created f...