UBUNTU-CVE-2025-32462

Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines...

UBUNTU-CVE-2014-5209

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private mode 6/7 messages via a GETRESTRICT control message, which could let a malicious user obtain sensitive information...

CVE-2019-6445

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...

Linux (Ubuntu) - Other Users coredumps Can Be Read via setgid Directory and killpriv Bypass

Linux Ubuntu - Other Users coredumps Can Be Read via setgid Directory and killpriv Bypass / Note: I am both sending this bug report to [email protected] and filing it in the Ubuntu bugtracker because I can't tell whether this counts as a kernel bug or as a Ubuntu bug. You may wish to talk to ea...

CVE-2017-11421

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...

CVE-2012-2395

Incomplete blacklist vulnerability in actionpower.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 username or 2 password fields to the powersystem method in the xmlrpc API...

CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager ldm 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KPRETURN keybinding, which launches a terminal window...

CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

CVE-2010-3387

vdrleaktest in Video Disk Recorder VDR 1.6.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a...

CVE-2010-0009

Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify 1 hashes or 2 passwords...

Geany .18 - Local File Overwrite

Geany .18 - Local File Overwrite !/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against...

Geany .18 - Local File Overwrite

!/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against symbolic links when writing the run...

CVE-2008-1801

Integer underflow in the isorecvmsg function iso.c in rdesktop 1.5.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Remote Desktop Protocol RDP request with a small length field...