Exploits PDF + JavaScript = MFT Corruption? By embedding specially crafted JS into a PDF, we can trigger a recently discovered vulnerability in the NTFS driver and potentially corrupt the MFT.
CVE CVE-2020-27985 - Security Onion - Local Privilege Escalation Security Onion V2 (prior to v2.3.10) has an incorrect sudo configuration, which allows local users to obtain root access by editing and executing /home/USERNAME/SecurityOnion/setup/so-setup without supplying a password.
CVE CVE-2020-13448 - QuickBox - Authenticated RCE/Privilege Escalation QuickBox CE <= v2.5.5 and QuickBox Pro <= 2.1.8 are both affected by an authenticated remote code execution (RCE) and privilege escalation vulnerability. A low-privileged user can execute arbitary commands on the server with the privileges of the user running the web server...