Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

Sudo CVE-2025-32463 — PoC !GitHub last commithttps://img.s...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Exploit Tool This repository contains a Go-bas...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.79 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.79 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

Local Privilege Escalation

github.com/linuxdeepin/lastore-daemon is vulnerable to Local Privilege Escalation. The vulnerability is due to insecure D-Bus configuration due to allowing users in the sudo group to invoke the InstallPackage method without authentication, enabling arbitrary code execution as root via crafted .de...

[Important] [Security] CVE Fixes (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5 and VzLinux 7.9

This update fixes the vulnerabilities in sudo, rsync, and microcodectl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes fixes applied to Virtuozzo guest tools for Windows. The new packages are available for Virtuozzo Hybrid Server 7.5 and VzLinu...

[Important] [Security] Fixes for vulnerabilities in sudo, rsync, and microcode_ctl (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5

This update fixes the vulnerabilities in sudo, rsync, and microcodectl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes a fix for NetKVM drivers that caused some Windows virtual machines to crash. Vulnerability id: CVE-2025-32462 A privilege...

[Important] [Security] Fixes for vulnerabilities in sudo, rsync, and microcode_ctl (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5

This update resolves the vulnerabilities in sudo, rsync, and microcodectl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes a fix for NetKVM drivers that caused some Windows virtual machines to crash. Vulnerability id: CVE-2025-32462 A privilege...

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809-automated-python-exploits automatically exploit...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Vulnerability Experiment Environment !Docker...

RLSA-2025:10110 Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: LPE via host option CVE-2025-32462 For...

sudo security update

An update is available for sudo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators to...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 - Sudo Chroot Privilege Escalation Exploit...

Exploit for Incorrect Authorization in Sudo_Project Sudo

CVE-2025-32462 - Sudo Host Bypass Exploit Original Discove...

Mageia: Security Advisory (MGASA-2025-0213)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

sudo_inject

Linux Privilege Escalation by injecting process possessing sudo tokens Inject process that have valid sudo token and activate our own sudo token Introduction We all noticed that sometimes sudo doesn't ask us for a password because he remembers us. How does he remember us and how does he identifie...

MGASA-2025-0213 Updated sudo packages fix security vulnerabilities

CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines CVE-2025-32463 - Sudo before 1.9.17p1 allows local users to obtain root access because...

Updated sudo packages fix security vulnerabilities

CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines CVE-2025-32463 - Sudo before 1.9.17p1 allows local users to obtain root access because...

PT-2025-30917

Name of the Vulnerable Software and Affected Versions GitLab EE versions 16.6 through 18.2.7 GitLab EE versions 18.3 through 18.3.3 GitLab EE versions 18.4 through 18.4.1 sudo affected versions not specified Description A security issue exists in GitLab EE where Project Maintainers can assign...

CVE-2025-43487

A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update...

CVE-2016-15045

A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux developed by Wuhan Deepin Technology Co., Ltd.. In versions 0.9.53-1 Deepin 15.5 and 0.9.66-1 Deepin 15.7, the D-Bus configuration permits any user in the sudo group to invo...