Ubuntu Security Notice 4340-1 - It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Stephan Zeisberg discovered that CUPS incorrectly handled certain malformed ppd files. A local attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
ccfd27d16a20c2accb7df3037e5f1940fecb8a018bc426b2324a65ea0a940d99
Ubuntu Security Notice 4332-2 - USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.
4788ccc8c468f49f1ab170252efde183c81d0510664b3538867867134fb4f7dc
Source Engine CS:GO BuildID: 4937372 arbitrary code execution exploit.
ffd749992e5cb493cb63add16c6e88efcfea4c67c1c4ca5e4e2fc218d45b13ac
CloudMe version 1.11.2 buffer overflow proof of concept exploit. Original vulnerability discovered by hyp3rlinx.
ed65bed8b662b7e2d11fe184fc29b26b92fddd08fc3a706685a4125ca60acc16
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
1edf0c378bb51329cb87cf581499ceb5bf11db8419e73a8fb388b9e4cee169fc
This Metasploit module exploit leverages a vulnerability in Docker Desktop Community Edition versions prior to 2.1.0.1 where an attacker can write a payload to a lower-privileged area to be executed automatically by the docker user at login.
eaa66458a1be58495d72ac8518ba2b5c7ce4adda66caa2a735da2834489bbc19
Ubuntu Security Notice 4339-1 - Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. Tan Jie discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. Various other issues were also addressed.
e426962a70c8b7a825343e78d2aa05c9659d4fa3b96aadd08d37b33f414c786e
Geeklog version 2.2.1 suffers from a remote SQL injection vulnerability.
3987cd81d2356bb96e526b3ae6284b3627084e01a5b51be5398a58f8623f4271
Maian Support Helpdesk version 4.3 suffers from a cross site request forgery vulnerability.
f732247ccd77724c59068dc011d5274b4885e3e2c6c70dc88526101f88b9bf95
Online Course Registration 2.0 suffers from authentication bypass and remote SQL injection vulnerabilities.
26afb62846a4c92f004b9a7cac3b03d936d7e88b0188192473b7c8520d10e860
Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability.
efd5a9f3f1e40344af3a00a4925ab9ad0d45b69728c9be5f76f013c50f4795fb
Geeklog version 2.2.1 suffers from a cross site scripting vulnerability.
f09b4321392d46cac96cfb38a413370b837f5d321c2ff8238902c285c9a2ac84
Netis E1+ version 1.2.32533 suffers from an unauthenticated wifi password disclosure vulnerability.
22c6eed82cd184d674f9e862a3b0574408ff7a45a255bcccda54e918885ea94b
PHP-Fusion version 9.03.50 suffers from an arbitrary file upload vulnerability.
69aa4aacb58fc312485978e341d93b5ea3b1cb194a17714065b2bf439c337cd5
Netis E1+ version 1.2.32533 suffers from having a hardcoded backdoor root account.
101f5f9d63572b971009ec923cb7dab35a4b35023571d98fe8be367bfe672fe6