#ExploitObserverAlert
GHSA-f5vv-hcgf-xvxq
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-F5VV-HCGF-XVXQ. Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution (RCE).
GHSA-f5vv-hcgf-xvxq
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-F5VV-HCGF-XVXQ. Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution (RCE).
#ExploitObserverAlert
CVE-2023-40038
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-40038. Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last digit.)
CVE-2023-40038
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-40038. Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last digit.)
#ExploitObserverAlert
GHSA-fjc9-jw7g-7732
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FJC9-JW7G-7732. In International Color Consortium DemoIccMAX 79ecb74, there is an out-of-bounds read in the CIccPRMG::GetChroma function in IccProfLib/IccPrmg.cpp in libSampleICC.a.
GHSS: 7.8
GHSA-fjc9-jw7g-7732
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FJC9-JW7G-7732. In International Color Consortium DemoIccMAX 79ecb74, there is an out-of-bounds read in the CIccPRMG::GetChroma function in IccProfLib/IccPrmg.cpp in libSampleICC.a.
GHSS: 7.8
#ExploitObserverAlert
GHSA-gcq4-64v6-p5pv
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-GCQ4-64V6-P5PV. Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
GHSS: 5.4
GHSA-gcq4-64v6-p5pv
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-GCQ4-64V6-P5PV. Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
GHSS: 5.4
#ExploitObserverAlert
GHSA-rp8v-59gg-c7h6
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RP8V-59GG-C7H6. Transient DOS due to reachable assertion in Modem during OSI decode scheduling.
GHSS: 7.5
GHSA-rp8v-59gg-c7h6
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RP8V-59GG-C7H6. Transient DOS due to reachable assertion in Modem during OSI decode scheduling.
GHSS: 7.5
#ExploitObserverAlert
CVE-2023-43481
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-43481. An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.
CVE-2023-43481
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-43481. An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.
#ExploitObserverAlert
GHSA-cvg5-hjh8-246x
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-CVG5-HJH8-246X. Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.
GHSS: 4.4
GHSA-cvg5-hjh8-246x
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-CVG5-HJH8-246X. Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.
GHSS: 4.4
#ExploitObserverAlert
GHSA-wf33-pghc-9qmj
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-WF33-PGHC-9QMJ. Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of demonstration data, including user accounts with known credentials.
GHSS: 7.1
GHSA-wf33-pghc-9qmj
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-WF33-PGHC-9QMJ. Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of demonstration data, including user accounts with known credentials.
GHSS: 7.1
#ExploitObserverAlert
CVE-2022-45688
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-45688. A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-45688
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-45688. A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-fggx-frxq-cpx8
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FGGX-FRXQ-CPX8. Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
GHSS: 8.8
GHSA-fggx-frxq-cpx8
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FGGX-FRXQ-CPX8. Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
GHSS: 8.8
#ExploitObserverAlert
GHSA-crfc-rr25-6wf2
DESCRIPTION: Exploit Observer has 7 entries related to GHSA-CRFC-RR25-6WF2. In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683
GHSS: 5.5
GHSA-crfc-rr25-6wf2
DESCRIPTION: Exploit Observer has 7 entries related to GHSA-CRFC-RR25-6WF2. In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683
GHSS: 5.5
#ExploitObserverAlert
CVE-2023-49002
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49002. An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.
CVE-2023-49002
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49002. An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.
#ExploitObserverAlert
GHSA-w689-557m-2cvq
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-W689-557M-2CVQ. The malicious user is able to discover services in the internal network through webhook functionality. All installations accepting public traffic are affected.
GHSS: 8.3
GHSA-w689-557m-2cvq
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-W689-557M-2CVQ. The malicious user is able to discover services in the internal network through webhook functionality. All installations accepting public traffic are affected.
GHSS: 8.3
#ExploitObserverAlert
GHSA-rrwx-6mf8-vc3j
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RRWX-6MF8-VC3J. Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.
GHSS: 9.8
GHSA-rrwx-6mf8-vc3j
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RRWX-6MF8-VC3J. Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.
GHSS: 9.8
#ExploitObserverAlert
GHSA-h5mv-fv98-gqmq
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-H5MV-FV98-GQMQ. A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
GHSS: 8.8
GHSA-h5mv-fv98-gqmq
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-H5MV-FV98-GQMQ. A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
GHSS: 8.8
#ExploitObserverAlert
GHSA-q7fr-vqhq-v5xr
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-Q7FR-VQHQ-V5XR. While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
GHSS: 7.5
GHSA-q7fr-vqhq-v5xr
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-Q7FR-VQHQ-V5XR. While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
GHSS: 7.5
#ExploitObserverAlert
GHSA-rxh8-p4v2-m8hf
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RXH8-P4V2-M8HF. The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
GHSS: 8.8
GHSA-rxh8-p4v2-m8hf
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RXH8-P4V2-M8HF. The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
GHSS: 8.8
#ExploitObserverAlert
GHSA-fxf5-c62c-5f69
DESCRIPTION: Exploit Observer has 6 entries related to GHSA-FXF5-C62C-5F69. A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
GHSS: 8.2
GHSA-fxf5-c62c-5f69
DESCRIPTION: Exploit Observer has 6 entries related to GHSA-FXF5-C62C-5F69. A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
GHSS: 8.2
#ExploitObserverAlert
GHSA-jmj6-p2j9-68cp
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-JMJ6-P2J9-68CP. wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
GHSS: 7.4
GHSA-jmj6-p2j9-68cp
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-JMJ6-P2J9-68CP. wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
GHSS: 7.4
#ExploitObserverAlert
GHSA-rg73-99g2-rp3j
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-RG73-99G2-RP3J. Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value.
GHSS: 7.4
GHSA-rg73-99g2-rp3j
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-RG73-99G2-RP3J. Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value.
GHSS: 7.4
#ExploitObserverAlert
GHSA-hhgr-rpp9-9whw
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-HHGR-RPP9-9WHW. SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.
GHSA-hhgr-rpp9-9whw
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-HHGR-RPP9-9WHW. SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.