CVE-2019-14287 is a vulnerability affecting versions of sudo < 1.8.28 which can allow users with sudo privileges to circumvent restrictions and become root.
This post is a worked example of exploiting this vulnerability.
HPCsec have identified a vulnerability in PBS Pro which allows for arbitrary code execution on any node running the pbs_mom service. This vulnerability can be exploited by anyone in a position to communicate with the pbs_mom service from an authorized node within the cluster. Exploitation of this issue allows for arbitrary code execution as any other user including as root, even in installations where root is not permitted to submit jobs.