Max CVSS 9.0 Min CVSS 7.2 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-14287 9.0
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r
18-04-2022 - 15:45 17-10-2019 - 18:15
CVE-2017-1000368 7.2
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
29-05-2019 - 19:29 05-06-2017 - 16:29
Back to Top Mark selected
Back to Top