| Max CVSS | 5.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-19232 | 5.0 |
In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulne
|
05-08-2024 - 02:16 | 19-12-2019 - 21:15 | |
| CVE-2019-19234 | 5.0 |
In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blo
|
05-08-2024 - 02:16 | 19-12-2019 - 21:15 | |
| CVE-2019-18634 | 4.6 |
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upst
|
07-02-2020 - 17:15 | 29-01-2020 - 18:15 |