EulerOS Virtualization 2.10.0 : systemd (EulerOS-SA-2023-2495)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers...

EulerOS Virtualization 2.10.0 : sudo (EulerOS-SA-2023-2494)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control...

EulerOS Virtualization 3.0.6.6 : sudo (EulerOS-SA-2023-2439)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-2439)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the system administration program Sudo, related to the lack of mechanisms for encoding or shielding output data, allows attackers to gain access to confidential information.

The vulnerability of the system administration program Sudo is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

The vulnerability of the system administration program Sudo, related to the lack of mechanisms for encoding or shielding output data, allows attackers to gain access to confidential information.

The vulnerability of the system administration program Sudo is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

Oracle Linux 8 : systemd (ELSA-2023-3837)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3837 advisory. - Fix CVE-2023-26604 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Exploit for Improper Privilege Management in Sudo_Project Sudo

Linux Privilege Escalation Exploit for CVE-2021-3560 Sudoedit a...

EulerOS 2.0 SP9 : dmidecode (EulerOS-SA-2023-2329)

According to the versions of the dmidecode package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via...

CLSA-2023-1688678794 Fix CVE(s): CVE-2023-26604

SECURITY UPDATE: local privilege escalation for some Sudo configurations - debian/patches/CVE-2023-26604.patch: set LESSSECURE to 1 - CVE-2023-26604 test issue: udev-test.pl is stopped by a timeout in a virtual environment - debian/patches/fix-udev-test.patch: skip this test in some cases...

ROS-2-1165

2.1165 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in...

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

Design/Logic Flaw

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

PT-2023-25640 · Loxone · Loxone Miniserver Go Gen.2

Name of the Vulnerable Software and Affected Versions: Loxone Miniserver Go Gen.2 through 14.0.3.28 Description: The issue allows an authenticated operating system user to escalate privileges via the Sudo configuration, enabling the elevated execution of binaries without a password requirement...

CVE-2023-36624

Summary: CVE-2023-36624 affects Loxone Miniserver Go Gen.2 up to 14.0.3.28. An authenticated operating system user can escalate privileges via the Sudo configuration, allowing elevated execution of binaries without a password. What’s known from documents: Multiple sources (NVD/Red Hat/CVE listing...

Critical Photon OS Security Update - PHSA-2023-5.0-0043

Updates of 'kubernetes-dashboard', 'sudo' packages of Photon OS have been released...