4720 matches found
CVE-2025-45311
Insecure permissions in fail2ban-client v0.11.2 allow attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...
CVE-2025-64761
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to an identity group, escalating their or another user's permissions in the system. Specifically this is an issue when...
CVE-2025-64761 OpenBao Privileged Operator Identity Group Root Escalation
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to an identity group, escalating their or another user's permissions in the system. Specifically this is an issue when...
CVE-2025-64761
OpenBao Open Source Secrets Management (OpenBao) is affected by CVE-2025-64761 prior to version 2.4.4. A privileged operator in the root namespace could abuse the identity group subsystem to add a root policy to a group, escalating permissions. Alternatively, an operator with policy access could ...
Fedora 43 : sudo-rs (2025-a9d9780cbb)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a9d9780cbb advisory. Update to version 0.2.10. This release includes fixes for CVE-2025-64170 and CVE-2025-64517. Tenable has extracted the preceding description block...
OpenBao is Vulnerable to Privileged Operator Identity Group Root Escalation
Impact Similar to HCSEC-2025-13 / CVE-2025-5999, a privileged operator could use the identity group subsystem to add a root policy to an identity group, escalating their or another user's permissions in the system. Specifically this is an issue when: 1. An operator in the root namespace has...
GHSA-7FF4-JW48-3436 OpenBao is Vulnerable to Privileged Operator Identity Group Root Escalation
Impact Similar to HCSEC-2025-13 / CVE-2025-5999, a privileged operator could use the identity group subsystem to add a root policy to an identity group, escalating their or another user's permissions in the system. Specifically this is an issue when: 1. An operator in the root namespace has...
PT-2025-47976
Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.4.4 Description OpenBao is an identity-based secrets management system. A privileged operator could leverage the identity group subsystem to add a root policy to an identity group, potentially escalating their...
TencentOS Server 4: sudo (TSSA-2025:0078)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0078 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 2: sudo (TSSA-2025:0656)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0656 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
CVE-2025-34323
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...
CVE-2025-34323
Nagios Log Server is vulnerable in versions prior to 2026R1.0.1 due to an unsafe interaction between passwordless sudo rules and group-writable script directories. The www-data user is in the nagios group, which has write access to /usr/local/nagioslogserver/scripts, while scripts in that directo...
EUVD-2025-197844
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to unsafe interaction between sudo rules and file system permissions. The web server account is granted passwordless sudo access to certain maintenance scripts while also being a member of a group that...
CVE-2025-34323 Nagios Log Server < 2026R1.0.1 Local Privilege Escalation via Writable Scripts and Sudo Rules
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...
Nagios Log Server security vulnerability
Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2026R1.0.1, which stems from an insecure interaction between sudo rules and filesystem permissions, which could le...
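The Nagios Log Server entries above describe a general pattern, not a Nagios-specific bug: a passwordless sudo rule pointing at a script that the caller (or a group the caller belongs to) can overwrite, or that lives in a directory the caller can write to, is equivalent to unrestricted root. The audit below is an added example, not code from Nagios or from any of the advisories listed. It parses sudoers-format text for NOPASSWD command paths and flags any target, or immediate parent directory, that is group- or world-writable. The script names, the sudoers lines and the directory tree it runs against are a constructed fixture built in a temp directory that only mimics a scripts/ directory layout; they are not the actual Nagios Log Server rules or file names.

```shell
#!/bin/sh
# Added example (not from Nagios or the advisories above): find NOPASSWD sudo
# targets that the invoking user's group, or anyone, can replace.

# Return 0 if the file or directory has the group-write or other-write bit set.
# Uses the ls -l mode string (position 6 = group w, position 9 = other w),
# which is portable across GNU and BSD userlands.
is_writable_by_others() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case "$mode" in
        ?????w*|????????w*) return 0 ;;
        *) return 1 ;;
    esac
}

# Audit one sudoers-format file. Prints one finding per line:
#   MISSING <path>           rule points at a path that does not exist
#   WRITABLE-TARGET <path>   the command itself is group/world-writable
#   WRITABLE-DIR <dir>       the command's parent directory is group/world-writable
# Cmnd_Alias names and the ALL keyword are skipped; only absolute paths are checked.
audit_nopasswd_targets() {
    sudoers_file="$1"
    sed -nE 's/.*NOPASSWD:[[:space:]]*//p' "$sudoers_file" \
      | tr ',' '\n' \
      | while IFS= read -r entry; do
            set -- $entry            # first word is the command, rest are arguments
            target="$1"
            case "$target" in /*) ;; *) continue ;; esac
            if [ ! -e "$target" ]; then
                echo "MISSING $target"
                continue
            fi
            if is_writable_by_others "$target"; then
                echo "WRITABLE-TARGET $target"
            fi
            parent=$(dirname "$target")
            if is_writable_by_others "$parent"; then
                echo "WRITABLE-DIR $parent"
            fi
        done
}

# Constructed fixture (assumption: not a real install): a group-writable
# scripts/ directory, one script that is itself group-writable, one safely
# permissioned control binary, and a rule pointing at a missing path.
build_fixture() {
    fx=$(mktemp -d)
    mkdir -p "$fx/scripts" "$fx/sbin"
    printf '#!/bin/sh\necho maintenance\n' > "$fx/scripts/maintenance.sh"
    printf '#!/bin/sh\necho rotate\n'      > "$fx/scripts/rotate_logs.sh"
    printf '#!/bin/sh\necho safe\n'        > "$fx/sbin/safe_tool"
    chmod 0775 "$fx/scripts"                    # the weak point: group can add/replace files
    chmod 0755 "$fx/scripts/maintenance.sh" "$fx/sbin/safe_tool" "$fx/sbin"
    chmod 0775 "$fx/scripts/rotate_logs.sh"     # script itself group-writable
    cat > "$fx/sudoers" <<EOF
# constructed sudoers fragment following the pattern described in the advisory
www-data ALL=(root) NOPASSWD: $fx/scripts/maintenance.sh, $fx/scripts/rotate_logs.sh
www-data ALL=(root) NOPASSWD: $fx/sbin/safe_tool
nagios   ALL=(root) NOPASSWD: /nonexistent/bin/gone
EOF
    echo "$fx"
}

# Stand-alone use: pass a real sudoers file (e.g. /etc/sudoers or a file under
# /etc/sudoers.d); with no argument the audit runs against the fixture.
if [ "$#" -gt 0 ]; then
    audit_nopasswd_targets "$1"
else
    demo_fx=$(build_fixture)
    audit_nopasswd_targets "$demo_fx/sudoers"
    rm -rf "$demo_fx"
fi
```

The fix the check points at is the one the advisory implies: the sudo target and every directory on its path must be writable only by root, and the sudo caller must not share a group with a writer. A target that passes this check can still be abused if it sources other files or runs sub-commands from writable locations, so treat a clean result as necessary, not sufficient.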
FreeBSD : sudo-rs -- Partial password reveal when password timeout occurs (c1ceaaea-c2e7-11f0-8372-98b78501ef2a)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the c1ceaaea-c2e7-11f0-8372-98b78501ef2a advisory. Trifecta Tech Foundation reports: When typing partial passwords but not pressing return for a long time...