Lucene search

4721 matches found

Tenable Nessus
added 2025/06/30 12:0 a.m. · 6 views

Slackware Linux 15.0 / current sudo Multiple Vulnerabilities (SSA:2025-181-01)

The version of sudo installed on the remote host is prior to 1.9.17p1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-181-01 advisory. New sudo packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

9.3 CVSS · 6.9 AI score · 0.57345 EPSS
Exploits: 76 · References: 3

EUVD
added 2025/06/30 12:0 a.m. · 4 views

EUVD-2025-19673

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...

9.3 CVSS · 5.8 AI score · 0.57345 EPSS
Exploits: 76 · References: 15

AlpineLinux
added 2025/06/30 12:0 a.m. · 3 views

CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...

9.3 CVSS · 6.3 AI score · 0.57345 EPSS
Exploits: 69

Tenable Nessus
added 2025/06/16 12:0 a.m. · 6 views

TencentOS Server 3: sudo (TSSA-2023:0015)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0015 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.8 CVSS · 8.1 AI score · 0.44372 EPSS
Exploits: 20 · References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m. · 3 views

TencentOS Server 4: sudo (TSSA-2024:0278)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0278 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.2 CVSS · 6.7 AI score · 0.00211 EPSS
Exploits: 1 · References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m. · 6 views

TencentOS Server 2: sudo (TSSA-2023:0133)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0133 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

7.8 CVSS · 8 AI score · 0.44372 EPSS
Exploits: 20 · References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m. · 2 views

TencentOS Server 3: sudo (TSSA-2024:0063)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0063 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7 CVSS · 7.2 AI score · 0.00136 EPSS
Exploits: 1 · References: 4

Tenable Nessus
added 2025/06/14 12:0 a.m. · 4 views

Fedora 42 : sudo-rs (2025-c62d1a4879)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c62d1a4879 advisory. Update to version 0.2.6. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

3.3 CVSS · 5 AI score · 0.00098 EPSS
Exploits: 2 · References: 3

RedhatCVE
added 2025/06/12 11:11 a.m. · 3 views

CVE-2024-13090

A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is...

7.3 CVSS · 7.3 AI score · 0.0005 EPSS
Exploits: 0 · References: 1

CVE
added 2025/06/10 10:31 a.m. · 49 views

CVE-2024-13090

CVE-2024-13090 describes a privilege escalation risk in Nozomi Guardian/CMC prior to version 24.6.0, caused by overly permissive sudo rules for a local service account. This could allow a user with service-account privileges to run commands with elevated rights if an attacker could exploit the su...

7.3 CVSS · 8 AI score · 0.0005 EPSS
Exploits: 0 · References: 1

Cvelist
added 2025/06/10 10:31 a.m. · 15 views

CVE-2024-13090 Privilege escalation in Guardian/CMC before 24.6.0

A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is...

7.3 CVSS · 0.0005 EPSS
Exploits: 0 · References: 1

NOZOMI
added 2025/06/10 12:0 a.m. · 2 views

Privilege escalation in Guardian/CMC before 24.6.0

Summary: A privilege escalation vulnerability may enable a service account to elevate its privileges. Impact: The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that...

7.3 CVSS · 7.4 AI score · 0.0005 EPSS
Exploits: 0 · Affected Software: 2

Positive Technologies
added 2025/06/10 12:0 a.m. · 2 views

PT-2025-24648 · Nozomi Networks · Cmc +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A privilege escalation issue may allow a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing...

7.3 CVSS · 7.2 AI score · 0.0005 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/06/10 12:0 a.m. · 1 view

Nozomi Guardian Security Vulnerability

Nozomi Guardian is a US-based protection software. A security vulnerability exists in Nozomi Guardian that stems from an overly loose configuration of sudo rules, which could result in a service account elevating privileges to the administrator level...

7.3 CVSS · 6.5 AI score · 0.0005 EPSS
Exploits: 0 · References: 2

Metasploit
added 2025/06/09 6:51 p.m. · 370 views

OS Command Exec, Add user with useradd

Execute an OS command from PHP. Creates a new user. By default the new user is set with sudo but other options exist to make the new user automatically root but this is not automatically set since the new user will be treated as root and login may be difficult. The new user can also be set as jus...

5.7 AI score
Exploits: 0

OSV
added 2025/05/27 5:8 p.m. · 2 views

CLSA-2025-1748365696 sudo: Fix of CVE-2023-42465

CVE-2023-42465: Make sudo less vulnerable to ROWHAMMER attacks...

7 CVSS · 6.7 AI score · 0.00004 EPSS
Exploits: 1 · References: 1

IBM Security Bulletins
added 2025/05/27 10:53 a.m. · 9 views

Security Bulletin: Vulnerability in SUDO affects IBM Integrated Analytics System (Sailfish) [CVE-2023-22809, CVE-2023-28486, CVE-2023-28487, CVE-2023-42465]

Summary: The SUDO package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE: CVE-2023-22809, CVE-2023-28486, CVE-2023-28487, CVE-2023-42465. Vulnerability Details: CVEID: CVE-2023-22809. DESCRIPTION: In Sudo before 1.9.12p2, the sudoedit aka -e...

7.8 CVSS · 7 AI score · 0.44372 EPSS
Exploits: 21 · Affected Software: 1

Tenable Nessus
added 2025/05/27 12:0 a.m. · 17 views

ABB M2M Gateway Improper Privilege Management in embedded Sudo (CVE-2023-22809)

In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...

7.8 CVSS · 7.1 AI score · 0.44372 EPSS
Exploits: 20 · References: 31

OpenVAS
added 2025/05/26 12:0 a.m. · 6 views

Fedora: Security Advisory (FEDORA-2025-c62d1a4879)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3 CVSS · 4.1 AI score · 0.00098 EPSS
Exploits: 2 · References: 4

OpenVAS
added 2025/05/26 12:0 a.m. · 4 views

Fedora: Security Advisory (FEDORA-2025-6a67917349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3 CVSS · 4.1 AI score · 0.00098 EPSS
Exploits: 2 · References: 4