rick-ridgley

Original report

Affected Vendor: OpenPrinting
Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
Affected Version: All versions <= 2.0.1 (latest release) and master.
Significant ICS/OT impact? no
Reporter: Simone Margaritelli [evilsocket@gmail.com]
Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:

Developing Kids - a Retrospective

This is a link aggregation for things discussed at Bill's 2024 Developing Kids CodeMash talk

app_name	repo	electron_version	vulnerable
1Clipboard	https://github.com/wiziple/1clipboard
1Password	None	25.8.1	FALSE
3CX Desktop App		19.0.8	TRUE
5EClient	None
Abstract	None
Account Surfer	None
Advanced REST Client	https://github.com/advanced-rest-client/arc-electron	^17.0.0	TRUE
Aedron Shrine	None
Aeon	https://github.com/leinelissen/aeon	23.2.0	TRUE

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Royce Williams list sorted by vendors responses Royce List
Very detailed list NCSC-NL
The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

	{
	"Tables": [
	{
	"Schema": [
	{
	"Description": "Date and time when the record was generated",
	"Type": "DateTime",
	"Entity": null,
	"Name": "Timestamp"
	},

	### This assumes you have a credential file called BreachData.txt in the format of email:password, one per line
	# Setup and start Clickhouse
	mkdir clickhouse && cd clickhouse
	curl https://clickhouse.com/ \| sh
	./clickhouse server

	# IN A NEW TERMINAL
	# Create and populate the database (assumes the cred file is one level up)
	./clickhouse client 'CREATE DATABASE creds'
	./clickhouse client 'CREATE TABLE creds.logins(`email` String,`password` String) ENGINE = MergeTree ORDER BY email'

	// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
	// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
	(() => {
	const SHOW_SIDES = false; // color sides of DOM nodes?
	const COLOR_SURFACE = true; // color tops of DOM nodes?
	const COLOR_RANDOM = false; // randomise color?
	const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
	const MAX_ROTATION = 180; // set to 360 to rotate all the way round
	const THICKNESS = 20; // thickness of layers
	const DISTANCE = 10000; // ¯\\_(ツ)_/¯

	@echo off
	:: https://privacy.sexy — v0.11.4 — Sun, 15 Jan 2023 10:23:12 GMT
	:: Ensure admin privileges
	fltmc >nul 2>&1 \|\| (
	echo Administrator privileges are required.
	PowerShell Start -Verb RunAs '%0' 2> nul \|\| (
	echo Right-click on the script and select "Run as administrator".
	pause & exit 1
	)
	exit 0



	echo ""
	echo "********** Github Dork Links (must be logged in) *****************"
	echo ""
	echo " password"
	echo "https://github.com/search?q="hackertarget.site"+password&type=Code"
	echo "https://github.com/search?q=""hackertarget""+password&type=Code"
	echo ""
	echo " npmrc _auth"

	- name: awss3
	type: regex
	regex:
	- '[a-zA-Z0-9.-]+\.s3\.amazonaws\.com'
	- 's3://([^/]+)'
	- '[a-zA-Z0-9.-]+.s3\.[a-zA-Z0-9.-]+\.amazonaws\.com'
	- '[a-zA-Z0-9.-]+\.s3-website-[a-z0-9-]+\.amazonaws\.com'
	- '[a-zA-Z0-9.-]+\.s3\.amazonaws\.com'

	- name: awsapps