#ExploitObserverAlert
CVE-2022-27191
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2022-27191. The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
FIRST-EPSS: 0.002530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-27191
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2022-27191. The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
FIRST-EPSS: 0.002530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-36760
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-36760. Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.
FIRST-EPSS: 0.013020000
NVD-IS: 6.0
NVD-ES: 2.2
CVE-2022-36760
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-36760. Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.
FIRST-EPSS: 0.013020000
NVD-IS: 6.0
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2012-4360
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-4360. Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
FIRST-EPSS: 0.002000000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2012-4360
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-4360. Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
FIRST-EPSS: 0.002000000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2022-22978
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2022-22978. In spring security versions prior to 5.4.11 , 5.5.7 , 5.6.4 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
FIRST-EPSS: 0.011580000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-22978
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2022-22978. In spring security versions prior to 5.4.11 , 5.5.7 , 5.6.4 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
FIRST-EPSS: 0.011580000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-37436
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-37436. Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
FIRST-EPSS: 0.000440000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2022-37436
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-37436. Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
FIRST-EPSS: 0.000440000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-3526
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2012-3526. The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
FIRST-EPSS: 0.037610000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2012-3526
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2012-3526. The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
FIRST-EPSS: 0.037610000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-38817
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-38817. An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself."
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-38817
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-38817. An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself."
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2008-5161
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2008-5161. Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
FIRST-EPSS: 0.010490000
NVD-IS: 2.9
NVD-ES: 4.9
CVE-2008-5161
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2008-5161. Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
FIRST-EPSS: 0.010490000
NVD-IS: 2.9
NVD-ES: 4.9
#ExploitObserverAlert
CVE-2023-43794
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-43794. Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL queries to be executed. Since this is a blind SQL injection, an attacker may need to use time-based payloads which would include a function to delay execution for a given number of seconds. The response time indicates, whether the result of the query execution was true or false. Depending on the result, the HTTP response will be returned after a given number of seconds, indicating TRUE, or immediately, indicating FALSE. In that way, an attacker can reveal the data present in the database. This vulnerability has been addressed in version 0.111.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-141`.
FIRST-EPSS: 0.000540000
NVD-IS: 3.6
NVD-ES: 1.2
CVE-2023-43794
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-43794. Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL queries to be executed. Since this is a blind SQL injection, an attacker may need to use time-based payloads which would include a function to delay execution for a given number of seconds. The response time indicates, whether the result of the query execution was true or false. Depending on the result, the HTTP response will be returned after a given number of seconds, indicating TRUE, or immediately, indicating FALSE. In that way, an attacker can reveal the data present in the database. This vulnerability has been addressed in version 0.111.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-141`.
FIRST-EPSS: 0.000540000
NVD-IS: 3.6
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2018-18535
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-18535. The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-18535
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-18535. The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-0941
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2013-0941. EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
FIRST-EPSS: 0.000420000
NVD-IS: 2.9
NVD-ES: 3.9
CVE-2013-0941
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2013-0941. EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
FIRST-EPSS: 0.000420000
NVD-IS: 2.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-43565
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-43565. The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
FIRST-EPSS: 0.000740000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-43565
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-43565. The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
FIRST-EPSS: 0.000740000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-46747
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-46747.
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
FIRST-EPSS: 0.969840000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46747
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-46747.
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
FIRST-EPSS: 0.969840000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2013-0942
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2013-0942. Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
FIRST-EPSS: 0.001460000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-0942
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2013-0942. Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
FIRST-EPSS: 0.001460000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-36802
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36802. Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000540000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-36802
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36802. Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000540000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-27522
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-27522. HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.
Special characters in the origin response header can truncate/split the response forwarded to the client.
FIRST-EPSS: 0.005500000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-27522
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-27522. HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.
Special characters in the origin response header can truncate/split the response forwarded to the client.
FIRST-EPSS: 0.005500000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-25690
DESCRIPTION: Exploit Observer has 65 entries related to CVE-2023-25690. Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.
Configurations are affected when mod_proxy is enabled along with some form of RewriteRule
or ProxyPassMatch in which a non-specific pattern matches
some portion of the user-supplied request-target (URL) data and is then
re-inserted into the proxied request-target using variable
substitution. For example, something like:
RewriteEngine on
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]
ProxyPassReverse /here/ http://example.com:8080/
Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.
FIRST-EPSS: 0.032570000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-25690
DESCRIPTION: Exploit Observer has 65 entries related to CVE-2023-25690. Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.
Configurations are affected when mod_proxy is enabled along with some form of RewriteRule
or ProxyPassMatch in which a non-specific pattern matches
some portion of the user-supplied request-target (URL) data and is then
re-inserted into the proxied request-target using variable
substitution. For example, something like:
RewriteEngine on
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]
ProxyPassReverse /here/ http://example.com:8080/
Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.
FIRST-EPSS: 0.032570000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-4001
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2012-4001. The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
FIRST-EPSS: 0.001140000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2012-4001
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2012-4001. The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
FIRST-EPSS: 0.001140000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-29464
DESCRIPTION: Exploit Observer has 92 entries related to CVE-2022-29464. Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.
FIRST-EPSS: 0.973460000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-29464
DESCRIPTION: Exploit Observer has 92 entries related to CVE-2022-29464. Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.
FIRST-EPSS: 0.973460000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22965
DESCRIPTION: Exploit Observer has 359 entries related to CVE-2022-22965. A Spring MVC or Spring WebFlux application running on JDK 9 may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
FIRST-EPSS: 0.975020000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-22965
DESCRIPTION: Exploit Observer has 359 entries related to CVE-2022-22965. A Spring MVC or Spring WebFlux application running on JDK 9 may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
FIRST-EPSS: 0.975020000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-37454
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2022-37454. The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
FIRST-EPSS: 0.010430000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-37454
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2022-37454. The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
FIRST-EPSS: 0.010430000
NVD-IS: 5.9
NVD-ES: 3.9