High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-23	CVE-2023-7090	Improper Privilege Management vulnerability in Sudo Project Sudo A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. network low complexity sudo-project CWE-269	8.8
2023-12-22	CVE-2023-42465	Unspecified vulnerability in Sudo Project Sudo Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit. local high complexity sudo-project	7.0
2023-02-28	CVE-2023-27320	Double Free vulnerability in multiple products Sudo before 1.9.13p2 has a double free in the per-command chroot feature. network low complexity sudo-project fedoraproject CWE-415	7.2
2023-01-18	CVE-2023-22809	Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. local low complexity sudo-project debian fedoraproject apple CWE-269	7.8
2022-11-02	CVE-2022-43995	Out-of-bounds Read vulnerability in Sudo Project Sudo Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. local low complexity sudo-project CWE-125	7.1
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2021-01-12	CVE-2021-23240	Link Following vulnerability in multiple products selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. local low complexity sudo-project netapp fedoraproject CWE-59	7.8
2020-01-29	CVE-2019-18634	Out-of-bounds Write vulnerability in multiple products In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. local low complexity sudo-project debian CWE-787	7.8
2019-11-04	CVE-2005-4890	Improper Input Validation vulnerability in multiple products There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". local low complexity debian sudo-project redhat CWE-20	7.2
2019-11-04	CVE-2019-18684	Race Condition vulnerability in Sudo Project Sudo Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. local high complexity sudo-project CWE-362	7.0