Lucene search
K

4734 matches found

EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179849

Malicious code in cat-sudo-node-decrypt-analyze npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-175985

Malicious code in test-sudo-notify-meta-orchestrate npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178443

Malicious code in import-scale-deserialize-sudo-visualize npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.1 views

MAL-2025-187468 Malicious code in info-byte-simulate-cat-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0027d2338d6014bc490d64b292626df8d2de44402c81596a7920b4d4fc8d485b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
NVD
NVD
added 2025/11/12 10:15 p.m.5 views

CVE-2025-64517

sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...

4.4CVSS0.00154EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/11/12 10:15 p.m.2 views

CVE-2025-64517

sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...

4.4CVSS5.9AI score0.00154EPSS
Exploits0References3
OSV
OSV
added 2025/11/12 10:15 p.m.3 views

UBUNTU-CVE-2025-64517

sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...

4.4CVSS5.9AI score0.00154EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/12 10:8 p.m.1 views

CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp

sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...

4.4CVSS7AI score0.00154EPSS
Exploits0References3
CVE
CVE
added 2025/11/12 10:8 p.m.11 views

CVE-2025-64517

sudo-rs (Rust implementation of sudo) is affected by CVE-2025-64517. Versions prior to 0.2.10 incorrectly recorded the invoking user’s UID in the authentication timestamp when Defaults targetpw/rootpw are enabled, which could allow a highly-privileged user to run commands as other accounts using ...

4.4CVSS6.6AI score0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/12 10:8 p.m.10 views

CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp

sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...

4.4CVSS0.00154EPSS
Exploits0References3
OSV
OSV
added 2025/11/12 10:8 p.m.4 views

CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp

sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...

4.4CVSS7AI score0.00154EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/11/12 9:30 p.m.11 views

sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

3.8CVSS6.6AI score0.00122EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/11/12 9:30 p.m.3 views

GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

3.8CVSS6.5AI score0.00122EPSS
Exploits0References5
NVD
NVD
added 2025/11/12 9:15 p.m.4 views

CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

3.8CVSS0.00122EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 9:15 p.m.5 views

UBUNTU-CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

3.8CVSS5.8AI score0.00122EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/12 8:30 p.m.14 views

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

3.8CVSS0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 8:30 p.m.2 views

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

3.8CVSS6.3AI score0.00122EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 8:30 p.m.22 views

CVE-2025-64170

CVE-2025-64170 affects sudo-rs, a memory-safe Rust implementation of sudo/su. Concrete details from connected documents show a vulnerability that, when a password timeout occurs due to the user typing a password and not pressing return for an extended period, causes the entered keystrokes to be e...

3.8CVSS6AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 8:30 p.m.4 views

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

3.8CVSS6.4AI score0.00122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.2 views

PT-2025-46704

Ubuntu's Rust Transition Hits Another Bump as sudo-rs Security Vulnerabilities Show Up https://t.co/J0uiXr4DC3 - Ubuntu addresses a critical sudo vulnerability CVE-2023-34996, ur...

7AI score
Exploits0References1
Rows per page
Query Builder