#ExploitObserverAlert
CVE-2018-25031
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2018-25031. Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
FIRST-EPSS: 0.002650000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2018-25031
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2018-25031. Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
FIRST-EPSS: 0.002650000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-5902
DESCRIPTION: Exploit Observer has 277 entries related to CVE-2020-5902. In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
FIRST-EPSS: 0.975550000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-5902
DESCRIPTION: Exploit Observer has 277 entries related to CVE-2020-5902. In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
FIRST-EPSS: 0.975550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-4034
DESCRIPTION: Exploit Observer has 535 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-4034
DESCRIPTION: Exploit Observer has 535 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-16846
DESCRIPTION: Exploit Observer has 47 entries related to CVE-2020-16846. An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
FIRST-EPSS: 0.975160000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-16846
DESCRIPTION: Exploit Observer has 47 entries related to CVE-2020-16846. An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
FIRST-EPSS: 0.975160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-38784
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2022-38784. Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
FIRST-EPSS: 0.001060000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-38784
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2022-38784. Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
FIRST-EPSS: 0.001060000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-20038
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-20038. A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
FIRST-EPSS: 0.956350000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-20038
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-20038. A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
FIRST-EPSS: 0.956350000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-10215
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-10215. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
FIRST-EPSS: 0.003270000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-10215
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-10215. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
FIRST-EPSS: 0.003270000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-48303
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-48303. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2022-48303
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-48303. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-9493
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-9493. A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.
FIRST-EPSS: 0.010600000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-9493
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-9493. A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.
FIRST-EPSS: 0.010600000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-13086
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2017-13086. Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
FIRST-EPSS: 0.001660000
NVD-IS: 5.2
NVD-ES: 1.6
CVE-2017-13086
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2017-13086. Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
FIRST-EPSS: 0.001660000
NVD-IS: 5.2
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-9964
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-9964. A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. A local user may be able to read kernel memory.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2020-9964
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-9964. A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. A local user may be able to read kernel memory.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-3628
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-3628. A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
CVE-2023-3628
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-3628. A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
#ExploitObserverAlert
CVE-2023-5115
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5115.
CVE-2023-5115
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5115.
#ExploitObserverAlert
GHSA-p8vh-85vc-66x9
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-P8VH-85VC-66X9.
GHSS: 4.3
GHSA-p8vh-85vc-66x9
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-P8VH-85VC-66X9.
GHSS: 4.3
#ExploitObserverAlert
CVE-2018-5767
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2018-5767. An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.
FIRST-EPSS: 0.070380000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-5767
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2018-5767. An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.
FIRST-EPSS: 0.070380000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-vmc2-j3gf-mvpp
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-VMC2-J3GF-MVPP. In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
GHSS: 5.5
GHSA-vmc2-j3gf-mvpp
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-VMC2-J3GF-MVPP. In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
GHSS: 5.5
#ExploitObserverAlert
CVE-2022-25813
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-25813. In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible.
FIRST-EPSS: 0.004820000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-25813
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-25813. In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible.
FIRST-EPSS: 0.004820000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-12124
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-12124. A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.
FIRST-EPSS: 0.002690000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-12124
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-12124. A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.
FIRST-EPSS: 0.002690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-3693
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-3693. LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.
FIRST-EPSS: 0.018710000
NVD-IS: 6.0
NVD-ES: 2.8
CVE-2021-3693
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-3693. LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.
FIRST-EPSS: 0.018710000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-5236
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5236. A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.
CVE-2023-5236
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5236. A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.
#ExploitObserverAlert
CVE-2023-5808
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5808. SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-5808
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5808. SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 2.8