CVE-2025-34288
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...
CVE-2025-34288 Nagios XI Privilege Escalation via Writable PHP Include Executed with Sudo
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...
PT-2025-51789
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 2026R1.1. Description: The software contains a flaw that allows for local privilege escalation. This is due to an unsafe interaction between sudo permissions and application file permissions. A maintenance script...
Advisory ROSA-SA-2025-3093
Software: sudo 1.8.23; OS: rosa-server79; unaffected versions = sudo-1.8.23-11.0.2.res7.3; affected versions sudo-1.8.23-11.0.2.2.res7.3; CVE-ID: CVE-2025-32462; BDU-ID: 2025-08356; CVE-Crit: LOW; CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the...
SUSE CVE-2025-45311
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...
Fedora: Security Advisory (FEDORA-2025-a9d9780cbb)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-ada7909175)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-4388808bbf)
The remote host is missing an update for the...
sudo 1.9.17 Local Privilege Escalation
sudo version 1.9.17 local privilege escalation proof of concept exploit that leverages NSS module loading...
EUVD-2025-199734
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root...
DEBIAN-CVE-2025-45311
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...
CVE-2025-45311
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...
[SECURITY] Fedora 41 Update: sudo-rs-0.2.10-1.fc41
A memory safe implementation of sudo and su...
[SECURITY] Fedora 42 Update: sudo-rs-0.2.10-1.fc42
A memory safe implementation of sudo and su...
[SECURITY] Fedora 43 Update: sudo-rs-0.2.10-1.fc43
A memory safe implementation of sudo and su...
SUSE CVE-2025-64761
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to a group identity group, escalating their or another user's permissions in the system. Specifically this is an issue when...
Fedora 41 : sudo-rs (2025-ada7909175)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ada7909175 advisory. Update to version 0.2.10. This release includes fixes for CVE-2025-64170 and CVE-2025-64517. Tenable has extracted the preceding description block...
Fedora 42 : sudo-rs (2025-4388808bbf)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4388808bbf advisory. Update to version 0.2.10. This release includes fixes for CVE-2025-64170 and CVE-2025-64517. Tenable has extracted the preceding description block...