CVE-2019-14287 — CVSS 8.8 (high): In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules…
CVE-2017-1000368 — CVSS 8.2 (high): Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname()…
CVE-2002-0184 — CVSS 7.8 (high): Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root…
CVE-2005-4890 — CVSS 7.8 (high): There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be…
CVE-2019-18634 — CVSS 7.8 (high): In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo…
CVE-2021-23240 — CVSS 7.8 (high): selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges…
CVE-2023-22809 — CVSS 7.8 (high): In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables…
CVE-2026-35535 — CVSS 7.4 (high): In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the…
CVE-2015-5602 — CVSS 7.2 (high): sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using…
CVE-2022-43995 — CVSS 7.1 (high): Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can…
CVE-2023-42465 — CVSS 7.0 (high): Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes…
CVE-2015-8239 — CVSS 7.0 (high): The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command…
CVE-2019-18684 — CVSS 7.0 (high): Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs…
CVE-2023-7090 — CVSS 6.6 (medium): A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo…
CVE-2017-1000367 — CVSS 6.4 (medium): Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function…
CVE-2016-7076 — CVSS 6.4 (medium): sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C…
CVE-2014-9680 — CVSS 3.3 (low): sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open…
CVE-2025-32462 — CVSS 2.8 (low): Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to…
CVE-2021-23239 — CVSS 2.5 (low): The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning…