29 matches found
SUSE CVE-2026-25499
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
CVE-2026-25499
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
EUVD-2026-5351
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
CVE-2026-25499
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
CVE-2026-25499 terraform-provider-proxmox has insecure sudo recommendation in the documentation
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
K000148482: Sudo vulnerability CVE-2019-19234
Security Advisory Description In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The...
Granular sudo Permissions for Management of Hardened Repository
Purpose This article documents the granular sudo permissions required to allow Veeam Backup & Replication to deploy and manage a Hardened Repository. Solution Account Requirements The Linux user account used by Veeam Backup & Replication to deploy and manage the Hardened Repository must use the...
CVE-2023-30621
Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The !ping command when provided with an IP or hostname used to run a bash ping without verification that the IP...
Command injection
Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The !ping command when provided with an IP or hostname used to run a bash ping without verification that the IP...
CVE-2023-30621 OS command injection in Gipsy
Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The !ping command when provided with an IP or hostname used to run a bash ping without verification that the IP...
CVE-2023-30621 OS command injection in Gipsy
Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions prior to 1.3 users can run command on the host machine with sudoer permission. The !ping command when provided with an IP or hostname used to run a bash ping without verification that the IP...
CVE-2020-10728
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerabilit...
Design/Logic Flaw
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerabilit...
PT-2022-8320 · Unknown · Automationbroker/Apb
Name of the Vulnerable Software and Affected Versions: automationbroker/apb container versions up to and including 2.0.4-1 Description: A flaw in the automationbroker/apb container allows unauthorized users with access to the running container to escalate their privileges due to all users being...
NewStart CGSL MAIN 4.06 : sudo Multiple Vulnerabilities (NS-SA-2021-0001)
The remote NewStart CGSL host, running version MAIN 4.06, has sudo packages installed that are affected by multiple vulnerabilities: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a...
EulerOS Virtualization for ARM 64 3.0.2.0 : sudo (EulerOS-SA-2020-1564)
According to the versions of the sudo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used ...
The vulnerability of the sudoer account in the Runas ALL system administration software allows a hacker to disable user authentication using a local password.
The vulnerability of the sudoer account in the Runas ALL system administration program is related to improper access control. Exploiting this vulnerability could allow a malicious actor to disable user authentication using the local password...
The vulnerability of the sudoer account in the Runas ALL system administration software allows a hacker to impersonate an existing user.
The vulnerability of the sudoer account in the Runas ALL system administration program is related to improper access control. Exploiting this vulnerability allows a malicious actor to impersonate an existing user...
DEBIAN-CVE-2019-19234
In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...
UBUNTU-CVE-2019-19234
In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...