
4730 matches found

OpenVAS
added 2021/03/05 12:0 a.m. | 21 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1424)

The remote host is missing an update for the Huawei EulerOS... (SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)

7.8 CVSS | 7.3 AI score | 0.99295 EPSS
Exploits: 83 | References: 4

OpenVAS
added 2021/03/05 12:0 a.m. | 24 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1575)

The remote host is missing an update for the Huawei EulerOS...

7.8 CVSS | 7.3 AI score | 0.99295 EPSS
Exploits: 83 | References: 4

Tenable Nessus
added 2021/03/04 12:0 a.m. | 39 views

EulerOS Virtualization for ARM 64 3.0.6.0 : sudo (EulerOS-SA-2021-1575)

According to the versions of the sudo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existenc...

7.8 CVSS | 7.2 AI score | 0.99295 EPSS
Exploits: 83 | References: 4

Tenable Nessus
added 2021/03/04 12:0 a.m. | 34 views

EulerOS Virtualization 3.0.6.6 : sudo (EulerOS-SA-2021-1520)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileg...

7.8 CVSS | 7.3 AI score | 0.99295 EPSS
Exploits: 83 | References: 4

Tenable Nessus
added 2021/03/04 12:0 a.m. | 30 views

EulerOS Virtualization for ARM 64 3.0.6.0 : cifs-utils (EulerOS-SA-2021-1546)

According to the version of the cifs-utils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used ...

7 CVSS | 6.3 AI score | 0.00652 EPSS
Exploits: 1 | References: 2

CBLMariner
added 2021/03/03 3:44 a.m. | 13 views

CVE-2021-23240 affecting package sudo 1.8.31p1-4

CVE-2021-23240 affecting package sudo 1.8.31p1-4. An upgraded version of the package is available that resolves this issue...

7.8 CVSS | 7.4 AI score | 0.01066 EPSS
Exploits: 1

CBLMariner
added 2021/03/03 3:44 a.m. | 22 views

CVE-2021-23239 affecting package sudo 1.8.31p1-4

CVE-2021-23239 affecting package sudo 1.8.31p1-4. An upgraded version of the package is available that resolves this issue...

2.5 CVSS | 7.4 AI score | 0.01029 EPSS
Exploits: 1

Tenable Nessus
added 2021/02/24 12:0 a.m. | 30 views

SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2021:0551-1)

This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827) - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. - Add sudo to requires: used to drop privileges. Note that...

7.8 CVSS | 7.9 AI score | 0.00395 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2021/02/24 12:0 a.m. | 597 views

Linux Sudo Privilege Escalation (Out-of-bounds Write)

Binary data linuxcve-2021-3156.nbin...

7.8 CVSS | 8.6 AI score | 0.99295 EPSS
Exploits: 81 | References: 2

OSV
added 2021/02/23 8:32 a.m. | 5 views

SUSE-SU-2021:0551-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827) - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. - Add sudo to requires: used to drop privileges...

7.8 CVSS | 7.6 AI score | 0.00395 EPSS
Exploits: 0 | References: 3

GithubExploit
added 2021/02/23 3:14 a.m. | 79 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 PoC Introduction This is an exploit for the...

7.8 CVSS | 7.7 AI score | 0.99295 EPSS
Exploits: 81

Tenable Nessus
added 2021/02/22 12:0 a.m. | 39 views

EulerOS 2.0 SP2 : sudo (EulerOS-SA-2021-1366)

According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via 'sudoedit -s' and a command-line argument that ends wi...

7.8 CVSS | 7.4 AI score | 0.99295 EPSS
Exploits: 81 | References: 2

Tenable Nessus
added 2021/02/22 12:0 a.m. | 35 views

EulerOS 2.0 SP3 : sudo (EulerOS-SA-2021-1375)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while...

7.8 CVSS | 7.6 AI score | 0.99295 EPSS
Exploits: 82 | References: 3

OpenVAS
added 2021/02/22 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1366)

The remote host is missing an update for the Huawei EulerOS...

7.8 CVSS | 8.5 AI score | 0.99295 EPSS
Exploits: 81 | References: 4

OpenVAS
added 2021/02/22 12:0 a.m. | 15 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1375)

The remote host is missing an update for the Huawei EulerOS...

7.8 CVSS | 8.5 AI score | 0.99295 EPSS
Exploits: 82 | References: 4

Packet Storm
added 2021/02/15 12:0 a.m. | 183 views

Klog Server 2.4.1 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server authenticate.php user Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injectio...

10 CVSS | 0.1 AI score | 0.87987 EPSS
Exploits: 8

Metasploit
added 2021/02/13 5:42 p.m. | 87 views

Klog Server authenticate.php user Unauthenticated Command Injection

This module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and prior. The authenticate.php file uses the user HTTP POST parameter in a call to the shell_exec PHP function without appropriate input validation, allowing arbitrary command execution as the...

10 CVSS | 9.9 AI score | 0.87987 EPSS
Exploits: 8

Tenable Nessus
added 2021/02/11 12:0 a.m. | 61 views

macOS 10.14.x < 10.14.6 Security Update 2021-002 / 10.15.x < 10.15.7 Supplemental Update / macOS 11.x < 11.2.1 (HT212177)

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2021-002 Mojave, 10.15.x prior to 10.15.7 Supplemental Update Catalina, or 11.x prior to 11.2.1 Big Sur. It is, therefore, affected by multiple vulnerabilities, including the following: - An...

9.3 CVSS | 8.2 AI score | 0.99295 EPSS
Exploits: 81 | References: 4

Palo Alto Networks
added 2021/02/10 5:0 p.m. | 153 views

Informational: Impact of Sudo Vulnerability CVE-2021-3156

Palo Alto Networks Product Security Assurance team has evaluated the Sudo software vulnerability CVE-2021-3156. PAN-OS software, Prisma Cloud compute, and Prisma SD-WAN CloudGenix devices do not include the Sudo program and, therefore, no scenarios required for successful exploitation exist in...

7.8 CVSS | 8 AI score | 0.99295 EPSS
Exploits: 81 | References: 2

The Hacker News
added 2021/02/10 10:23 a.m. | 4 views

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple said in a security advisory. "This issue...

7.8 CVSS | 7.7 AI score | 0.99295 EPSS
Exploits: 81