#ExploitObserverAlert
GHSA-w4pv-p6xf-qc53
DESCRIPTION: Exploit Observer has 119 entries related to GHSA-W4PV-P6XF-QC53.
GHSS: 9.8
GHSA-w4pv-p6xf-qc53
DESCRIPTION: Exploit Observer has 119 entries related to GHSA-W4PV-P6XF-QC53.
GHSS: 9.8
#ExploitObserverAlert
CVE-2017-1000028
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-1000028. Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
FIRST-EPSS: 0.975160000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-1000028
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-1000028. Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
FIRST-EPSS: 0.975160000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-28432
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2023-28432. Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
FIRST-EPSS: 0.156100000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-28432
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2023-28432. Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
FIRST-EPSS: 0.156100000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-28017
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28017.
CVE-2023-28017
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28017.
#ExploitObserverAlert
CVE-2023-24078
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-24078. Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
FIRST-EPSS: 0.003400000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-24078
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-24078. Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
FIRST-EPSS: 0.003400000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-rqpg-32gg-fvxh
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RQPG-32GG-FVXH.
GHSS: 7.3
GHSA-rqpg-32gg-fvxh
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RQPG-32GG-FVXH.
GHSS: 7.3
#ExploitObserverAlert
CVE-2022-45362
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45362.
CVE-2022-45362
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45362.
#ExploitObserverAlert
CVE-2010-0738
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2010-0738. The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
FIRST-EPSS: 0.974330000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2010-0738
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2010-0738. The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
FIRST-EPSS: 0.974330000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-26133
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-26133. SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
FIRST-EPSS: 0.009980000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-26133
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-26133. SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
FIRST-EPSS: 0.009980000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-41678
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler
CVE-2022-41678
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler
#ExploitObserverAlert
CVE-2019-12409
DESCRIPTION: Exploit Observer has 27 entries related to CVE-2019-12409. The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
FIRST-EPSS: 0.055400000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-12409
DESCRIPTION: Exploit Observer has 27 entries related to CVE-2019-12409. The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
FIRST-EPSS: 0.055400000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-11358
DESCRIPTION: Exploit Observer has 3667 entries related to CVE-2019-11358. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
FIRST-EPSS: 0.029520000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-11358
DESCRIPTION: Exploit Observer has 3667 entries related to CVE-2019-11358. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
FIRST-EPSS: 0.029520000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2014-6271
DESCRIPTION: Exploit Observer has 751 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
FIRST-EPSS: 0.975680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2014-6271
DESCRIPTION: Exploit Observer has 751 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
FIRST-EPSS: 0.975680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2010-1871
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2010-1871. JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
FIRST-EPSS: 0.967740000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2010-1871
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2010-1871. JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
FIRST-EPSS: 0.967740000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2020-17519
DESCRIPTION: Exploit Observer has 98 entries related to CVE-2020-17519. A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
FIRST-EPSS: 0.971700000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-17519
DESCRIPTION: Exploit Observer has 98 entries related to CVE-2020-17519. A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
FIRST-EPSS: 0.971700000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8913
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2020-8913. A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application's data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.
FIRST-EPSS: 0.001500000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-8913
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2020-8913. A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application's data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.
FIRST-EPSS: 0.001500000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-25646
DESCRIPTION: Exploit Observer has 74 entries related to CVE-2021-25646. Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a specially-crafted request that forces Druid to run user-provided JavaScript code for that request, regardless of server configuration. This can be leveraged to execute code on the target machine with the privileges of the Druid server process.
FIRST-EPSS: 0.972840000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-25646
DESCRIPTION: Exploit Observer has 74 entries related to CVE-2021-25646. Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a specially-crafted request that forces Druid to run user-provided JavaScript code for that request, regardless of server configuration. This can be leveraged to execute code on the target machine with the privileges of the Druid server process.
FIRST-EPSS: 0.972840000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-42287
DESCRIPTION: Exploit Observer has 107 entries related to CVE-2021-42287. Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.
FIRST-EPSS: 0.924660000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-42287
DESCRIPTION: Exploit Observer has 107 entries related to CVE-2021-42287. Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.
FIRST-EPSS: 0.924660000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-7615
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2017-7615. MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
FIRST-EPSS: 0.974040000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-7615
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2017-7615. MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
FIRST-EPSS: 0.974040000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-38646
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-38646
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-20933
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2019-20933. InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
FIRST-EPSS: 0.049130000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-20933
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2019-20933. InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
FIRST-EPSS: 0.049130000
NVD-IS: 5.9
NVD-ES: 3.9