CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4723 matches found

Exploit DB•added 2013/06/10 12:0 a.m.•50 views

MobileIron Virtual Smartphone Platform - Privilege Escalation

MobileIron Virtual Smartphone Platform Privilege Escalation Exploit 0day ======================================================================== The MobileIron Virtual Smartphone Platform is the first solution to combine data-driven smartphone and tablet management with real-time wireless cost...

7.4AI score

Exploits0

Tenable Nessus•added 2013/05/31 12:0 a.m.•30 views

VMSA-2013-0007 : VMware ESX third-party update for Service Console package sudo

a. Service Console update for sudo The service console package sudo is updated to version 1.7.2p1-14.el58.3 The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issues addressed in this update. %NASLMINLEVEL 70300 C Tenable...

7.2CVSS7.4AI score0.00435EPSS

Exploits1References3

VMware•added 2013/05/30 12:0 a.m.•32 views

VMware ESX patch address security issues

a. Service Console update for sudoThe service console package sudo is updated to version 1.7.2p1-14.el58.3The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issue addressed in this update. Column 4 of the following table lis...

7.2CVSS4.4AI score0.00435EPSS

Exploits1References2Affected Software1

VMware•added 2013/05/28 12:0 a.m.•38 views

VMSA-2013-0007:VMware ESX patch address security issues

VMSA-2013-0007.1 VMware ESX third party update for Service Console package sudo VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0007.1 VMware Security Advisory Synopsis: VMware ESX third party update for Service Console package sudo VMware Security Advisory Issue date:...

7.5CVSS7.7AI score0.5564EPSS

Exploits5References1Affected Software1

Tenable Nessus•added 2013/05/16 12:0 a.m.•38 views

SuSE 11.2 Security Update : sudo (SAT Patch Number 7705)

This update fixes the following security issues which allowed to bypass the sudo authentication: CVE-2013-1775 / CVE-2013-1776 / CVE-2013-2776 / CVE-2013-2777. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

6.9CVSS7.8AI score0.03202EPSS

Exploits8References12

Tenable Nessus•added 2013/05/16 12:0 a.m.•35 views

SuSE 10 Security Update : sudo (ZYPP Patch Number 8562)

This update fixes the following security issues which allowed to bypass the sudo authentication: CVE-2013-1775 / CVE-2013-1776 / CVE-2013-2776 / CVE-2013-2777. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

6.9CVSS7.8AI score0.03202EPSS

Exploits8References8

0day.today•added 2013/05/01 12:0 a.m.•241 views

Sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit

sudo versions 1.8.0 through 1.8.3p1 sudodebug root exploit with glibc FORTIFYSOURCE bypass. include include include include include include include include include include define OFFSET 65000 define NUMTHREADS 0 / files that we create on disk / define BACKDOOR "e.c" define BDCOMPILED "e" define...

7.2CVSS0.4AI score0.02968EPSS

Exploits6

Exploit DB•added 2013/05/01 12:0 a.m.•79 views

sudo 1.8.0 < 1.8.3p1 - 'sudo_debug' glibc FORTIFY_SOURCE Bypass + Privilege Escalation

/ death-star.c sudo v1.8.0-1.8.3p1 sudodebug format string root exploit + glibc FORTIFYSOURCE bypass by aeon - http://infosecabsurdity.wordpress.com/ This PoC exploits: - CVE-2012-0864 - FORTIFYSOURCE format string protection bypass via "nargs" integer overflow - CVE-2012-0809 - sudo v1.8.0-1.8.3...

7.2CVSS7.9AI score0.02968EPSS

Exploits6

Tenable Nessus•added 2013/04/20 12:0 a.m.•34 views

Mandriva Linux Security Advisory : sudo (MDVSA-2013:054)

Multiple vulnerabilities has been found and corrected in sudo : A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated...

7.2CVSS8AI score0.03202EPSS

Exploits8References6

OSV•added 2013/04/08 5:55 p.m.•9 views

CVE-2013-1776

sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard...

6.3AI score

Exploits0References16

OSV•added 2013/04/08 5:55 p.m.•5 views

CVE-2013-2777

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...

6.2AI score

Exploits0References14

NVD•added 2013/04/08 5:55 p.m.•17 views

CVE-2013-2777

4.4CVSS6.3AI score0.00367EPSS

Exploits0References14

NVD•added 2013/04/08 5:55 p.m.•17 views

CVE-2013-1776

4.4CVSS6.2AI score0.00378EPSS

Exploits0References16

NVD•added 2013/04/08 5:55 p.m.•19 views

CVE-2013-2776

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ttytickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another...

4.4CVSS6.3AI score0.00373EPSS

Exploits0References17

OSV•added 2013/04/08 5:55 p.m.•1 views

DEBIAN-CVE-2013-1776

4.4CVSS6.8AI score0.00378EPSS

Exploits0References1

OSV•added 2013/04/08 5:55 p.m.•1 views

DEBIAN-CVE-2013-2776

4.4CVSS6.8AI score0.00373EPSS

Exploits0References1

OSV•added 2013/04/08 5:55 p.m.•1 views

DEBIAN-CVE-2013-2777