{"vulnerability": "CVE-2020-1570", "sightings": [{"uuid": "8d615156-6344-4297-ac22-65ef57741870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1570", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "235948c3-88a7-42a1-b242-96317bc6b369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15705", "type": "seen", "source": "MISP/fde9c681-95fa-4561-81cb-2ed3099c8263", "content": "", "creation_timestamp": "2023-03-02T13:33:13.000000Z"}, {"uuid": "ba758fee-9768-4abc-808e-753220783213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15706", "type": "seen", "source": "MISP/fde9c681-95fa-4561-81cb-2ed3099c8263", "content": "", "creation_timestamp": "2023-03-02T13:33:13.000000Z"}, {"uuid": "c8d7eb21-57f7-41e7-aa19-2867df5e4485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15707", "type": "seen", "source": "MISP/fde9c681-95fa-4561-81cb-2ed3099c8263", "content": "", "creation_timestamp": "2023-03-02T13:33:13.000000Z"}, {"uuid": "1126769a-783b-409b-bb6f-f721a06304a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15702", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1849", "content": "#exploit\nCVE-2020-15702:\nRace Condition vulnerability in handling of PID by apport in Ubuntu (PoC)\nhttps://flattsecurity.hatenablog.com/entry/2020/09/30/130844", "creation_timestamp": "2021-09-28T00:56:48.000000Z"}, {"uuid": "8671578b-6d92-4c17-95c2-0b37d911df86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15704", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1704", "content": "CVE-2020-15704:\nUbuntu Desktop 20.04 - A local non-root attacker could exploit the MODPROBE_OPTIONS environment variable to read arbitrary root files\nhttps://www.synacktiv.com/en/publications/ubuntu-ppps-cve-2020-15704-wrap-up.html", "creation_timestamp": "2020-11-23T02:44:40.000000Z"}, {"uuid": "d9cd1c8f-29f2-435b-af4c-282eefebf153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15705", "type": "seen", "source": "https://t.me/cibsecurity/24938", "content": "\u203c CVE-2021-3418 \u203c\n\nIf certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction of CVE-2020-15705 and only affects grbu2 versions prior to 2.06 and upstream and distributions using the shim_lock mechanism.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-16T01:29:35.000000Z"}, {"uuid": "9dc80e6e-4aa7-497e-8dc7-332edf4f404e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15704", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6617", "content": "UBUNTU PPP'S CVE-2020-15704 WRAP-UP\nhttps://www.synacktiv.com/publications/ubuntu-ppps-cve-2020-15704-wrap-up", "creation_timestamp": "2020-09-05T09:00:00.000000Z"}, {"uuid": "bdc355a4-535d-40d8-986e-b5154cd8a860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15708", "type": "seen", "source": "https://t.me/cibsecurity/15962", "content": "\u203c CVE-2020-15708 \u203c\n\nUbuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T07:50:26.000000Z"}, {"uuid": "07ebca79-7e6c-4d35-a4f8-94b692182aa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15703", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/1997", "content": "CVE's in Ubuntu Desktop:\n- Aptdaemon Information Disclosure (CVE-2020-15703)\n- PackageKit Information Disclosure (CVE-2020-16121)\n- Blueman Local Privilege Escalation/DoS (CVE-2020-15238)\nhttps://www.eyecontrol.nl/blog/the-story-of-3-cves-in-ubuntu-desktop.html", "creation_timestamp": "2020-10-28T13:20:10.000000Z"}, {"uuid": "b9062e20-9eda-4424-9af0-3dd3d822fc8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15703", "type": "seen", "source": "https://t.me/cibsecurity/15756", "content": "\u203c CVE-2020-15703 \u203c\n\nThere is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-01T13:43:38.000000Z"}]}