4723 matches found
Command injection
PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z aka postrotate-command option to tcpdump can be unsafe when used in conjunction with sud...
CVE-2019-9971
The CVE-2019-9971 entry concerns PhoneSystem Terminal in 3CX Phone System (Debian-based installation) 16.0.0.1570. The issue is a privilege-escalation vulnerability where an attacker can gain root privileges by using sudo with the tcpdump command due to the -z (postrotate-command) option being un...
CVE-2019-9971
PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z aka postrotate-command option to tcpdump can be unsafe when used in conjunction with sud...
3CX Phone 安全漏洞
The 3CX Phone is a software-based private branch exchange. It can be used with SIP standard based IP phones, SIP trunks and VoIP gateways to provide a complete communication solution. A security vulnerability exists in 3CX Phone System version 16.0.0.1570, which stems from the -z aka...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
VulnCheck KEV: CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...
CVE-2022-1356
cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands...
Privilege escalation
cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands...
CVE-2022-1356 Cambium Networks cnMaestro use of Potentially Dangerous Function
cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands...
new packages: sudo
An update is available for sudo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
ALBA-2022:2080 sudo bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
sudo bug fix and enhancement update
An update is available for sudo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6...
NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Multiple Vulnerabilities (NS-SA-2022-0028)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...
Security Bulletin: Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner affect IBM Spectrum Protect Plus
Summary Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner such as denial of service, elevation of privileges, buffer overflow, directory traversal, information disclosure, and bypassing of security restrictions , may affect IBM Spectrum Protect Plus. UPDATE 28 January 2022...
Exploit for Incorrect Authorization in Polkit_Project Polkit
Exploit for CVE-2021-3560 Polkit - Local Privilege Escalatio...
Slackware: Security Advisory (SSA:2014-064-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2020-031-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2015-047-03)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2021-026-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2021-011-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...