| CVE-2021-23240 |
AVG-1432 |
High |
No |
Arbitrary filesystem access |
A security issue was found in sudo before version 1.9.5. On a system with SELinux in permissive mode, an attacker could use sudoedit to change the ownership... |
| CVE-2021-23239 |
AVG-1431 |
Low |
No |
Information disclosure |
A security issue was found in sudo before version 1.9.5. A race condition in sudoedit could have allowed an attacker to test for the existence of... |
| CVE-2021-3156 |
AVG-1431 |
Critical |
No |
Privilege escalation |
A serious heap-based buffer overflow has been discovered in sudo before version 1.9.5p2 that is exploitable by any local user. It has been given the name... |
| CVE-2019-18634 |
AVG-1093 |
High |
No |
Privilege escalation |
A flaw was found in the Sudo before version 1.8.31 application when the ’pwfeedback' option is set to true on the sudoers file. An authenticated user can... |
| CVE-2019-14287 |
AVG-1047 |
High |
No |
Privilege escalation |
A flaw was found in the way sudo prior to 1.8.28 implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to... |
| CVE-2017-1000367 |
AVG-282 |
Medium |
No |
Access restriction bypass |
On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process's tty (field 7). The fields in the file are... |