#ExploitObserverAlert
CVE-2023-43481
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-43481. An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.
CVE-2023-43481
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-43481. An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.
#ExploitObserverAlert
GHSA-cvg5-hjh8-246x
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-CVG5-HJH8-246X. Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.
GHSS: 4.4
GHSA-cvg5-hjh8-246x
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-CVG5-HJH8-246X. Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.
GHSS: 4.4
#ExploitObserverAlert
GHSA-wf33-pghc-9qmj
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-WF33-PGHC-9QMJ. Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of demonstration data, including user accounts with known credentials.
GHSS: 7.1
GHSA-wf33-pghc-9qmj
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-WF33-PGHC-9QMJ. Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of demonstration data, including user accounts with known credentials.
GHSS: 7.1
#ExploitObserverAlert
CVE-2022-45688
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-45688. A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-45688
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-45688. A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-fggx-frxq-cpx8
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FGGX-FRXQ-CPX8. Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
GHSS: 8.8
GHSA-fggx-frxq-cpx8
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FGGX-FRXQ-CPX8. Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
GHSS: 8.8
#ExploitObserverAlert
GHSA-crfc-rr25-6wf2
DESCRIPTION: Exploit Observer has 7 entries related to GHSA-CRFC-RR25-6WF2. In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683
GHSS: 5.5
GHSA-crfc-rr25-6wf2
DESCRIPTION: Exploit Observer has 7 entries related to GHSA-CRFC-RR25-6WF2. In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683
GHSS: 5.5
#ExploitObserverAlert
CVE-2023-49002
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49002. An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.
CVE-2023-49002
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49002. An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.
#ExploitObserverAlert
GHSA-w689-557m-2cvq
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-W689-557M-2CVQ. The malicious user is able to discover services in the internal network through webhook functionality. All installations accepting public traffic are affected.
GHSS: 8.3
GHSA-w689-557m-2cvq
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-W689-557M-2CVQ. The malicious user is able to discover services in the internal network through webhook functionality. All installations accepting public traffic are affected.
GHSS: 8.3
#ExploitObserverAlert
GHSA-rrwx-6mf8-vc3j
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RRWX-6MF8-VC3J. Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.
GHSS: 9.8
GHSA-rrwx-6mf8-vc3j
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RRWX-6MF8-VC3J. Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.
GHSS: 9.8
#ExploitObserverAlert
GHSA-h5mv-fv98-gqmq
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-H5MV-FV98-GQMQ. A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
GHSS: 8.8
GHSA-h5mv-fv98-gqmq
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-H5MV-FV98-GQMQ. A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
GHSS: 8.8
#ExploitObserverAlert
GHSA-q7fr-vqhq-v5xr
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-Q7FR-VQHQ-V5XR. While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
GHSS: 7.5
GHSA-q7fr-vqhq-v5xr
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-Q7FR-VQHQ-V5XR. While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.
GHSS: 7.5
#ExploitObserverAlert
GHSA-rxh8-p4v2-m8hf
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RXH8-P4V2-M8HF. The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
GHSS: 8.8
GHSA-rxh8-p4v2-m8hf
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RXH8-P4V2-M8HF. The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
GHSS: 8.8
#ExploitObserverAlert
GHSA-fxf5-c62c-5f69
DESCRIPTION: Exploit Observer has 6 entries related to GHSA-FXF5-C62C-5F69. A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
GHSS: 8.2
GHSA-fxf5-c62c-5f69
DESCRIPTION: Exploit Observer has 6 entries related to GHSA-FXF5-C62C-5F69. A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
GHSS: 8.2
#ExploitObserverAlert
GHSA-jmj6-p2j9-68cp
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-JMJ6-P2J9-68CP. wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
GHSS: 7.4
GHSA-jmj6-p2j9-68cp
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-JMJ6-P2J9-68CP. wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
GHSS: 7.4
#ExploitObserverAlert
GHSA-rg73-99g2-rp3j
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-RG73-99G2-RP3J. Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value.
GHSS: 7.4
GHSA-rg73-99g2-rp3j
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-RG73-99G2-RP3J. Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value.
GHSS: 7.4
#ExploitObserverAlert
GHSA-hhgr-rpp9-9whw
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-HHGR-RPP9-9WHW. SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.
GHSA-hhgr-rpp9-9whw
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-HHGR-RPP9-9WHW. SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database.
#ExploitObserverAlert
CVE-2023-26035
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.
FIRST-EPSS: 0.104040000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-26035
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.
FIRST-EPSS: 0.104040000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-f9fq-vjvh-779p
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-F9FQ-VJVH-779P. HashiCorp vault-ssh-helper (github.com/hashicorp/vault-ssh-helper/helper) up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.
GHSS: 7.5
GHSA-f9fq-vjvh-779p
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-F9FQ-VJVH-779P. HashiCorp vault-ssh-helper (github.com/hashicorp/vault-ssh-helper/helper) up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.
GHSS: 7.5
#ExploitObserverAlert
CVE-2023-4641
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4641. A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
CVE-2023-4641
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4641. A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
#ExploitObserverAlert
CVE-2023-29017
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-29017. vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.
FIRST-EPSS: 0.008130000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-29017
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-29017. vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.
FIRST-EPSS: 0.008130000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-x3f3-j7qh-9wgj
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-X3F3-J7QH-9WGJ. An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.
GHSS: 8.8
GHSA-x3f3-j7qh-9wgj
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-X3F3-J7QH-9WGJ. An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.
GHSS: 8.8