Max CVSS 9.0 Min CVSS 4.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-14287 9.0
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r
18-04-2022 - 15:45 17-10-2019 - 18:15
CVE-2019-18634 4.6
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upst
07-02-2020 - 17:15 29-01-2020 - 18:15
CVE-2019-19232 5.0
** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this
30-01-2020 - 16:15 19-12-2019 - 21:15
Back to Top Mark selected
Back to Top