#ExploitObserverAlert
CVE-2023-30517
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30517. Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server.
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-30517
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30517. Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server.
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-6105
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6105. An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-6105
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6105. An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
GHSA-whj9-m24x-qhhp
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-WHJ9-M24X-QHHP. Before 2.6.3
GHSS: 6.2
GHSA-whj9-m24x-qhhp
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-WHJ9-M24X-QHHP. Before 2.6.3
GHSS: 6.2
#ExploitObserverAlert
CVE-2023-49447
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49447. JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
FIRST-EPSS: 0.000580000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-49447
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49447. JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
FIRST-EPSS: 0.000580000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-21993
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21993. Vulnerability in the Oracle Clinical Remote Data Capture product of Oracle Health Sciences Applications (component: Forms). The supported version that is affected is 5.4.0.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Clinical Remote Data Capture. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Clinical Remote Data Capture accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
FIRST-EPSS: 0.000470000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-21993
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21993. Vulnerability in the Oracle Clinical Remote Data Capture product of Oracle Health Sciences Applications (component: Forms). The supported version that is affected is 5.4.0.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Clinical Remote Data Capture. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Clinical Remote Data Capture accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
FIRST-EPSS: 0.000470000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-36720
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36720. Windows Mixed Reality Developer Tools Denial of Service Vulnerability
FIRST-EPSS: 0.000990000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-36720
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36720. Windows Mixed Reality Developer Tools Denial of Service Vulnerability
FIRST-EPSS: 0.000990000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-49819
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49819. Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3.
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-49819
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49819. Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3.
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-43645
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-43645. OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's possible for the server to exhaust resources and die. Users are advised to upgrade to v1.3.2 and update any offending models. There are no known workarounds for this vulnerability. Note that for models which contained cycles or a relation definition that has the relation itself in its evaluation path, checks and queries that require evaluation will no longer be evaluated on v1.3.2+ and will return errors instead. Users who do not have cyclic models are unaffected.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2023-43645
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-43645. OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's possible for the server to exhaust resources and die. Users are advised to upgrade to v1.3.2 and update any offending models. There are no known workarounds for this vulnerability. Note that for models which contained cycles or a relation definition that has the relation itself in its evaluation path, checks and queries that require evaluation will no longer be evaluated on v1.3.2+ and will return errors instead. Users who do not have cyclic models are unaffected.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-1690
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-1690. A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings and Expense Tracker App 1.0. This issue affects some unknown processing of the file LoginRegistration.php?a=register_user. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-224309 was assigned to this vulnerability.
FIRST-EPSS: 0.000460000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-1690
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-1690. A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings and Expense Tracker App 1.0. This issue affects some unknown processing of the file LoginRegistration.php?a=register_user. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-224309 was assigned to this vulnerability.
FIRST-EPSS: 0.000460000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-41367
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-41367. Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact.
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-41367
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-41367. Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact.
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-4373
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4373. Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.
FIRST-EPSS: 0.001340000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-4373
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4373. Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.
FIRST-EPSS: 0.001340000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-22046
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-22046. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.000830000
NVD-IS: 3.6
NVD-ES: 1.2
CVE-2023-22046
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-22046. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.000830000
NVD-IS: 3.6
NVD-ES: 1.2
#ExploitObserverAlert
GHSA-m88m-crr9-jvqq
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-M88M-CRR9-JVQQ. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution if a user can be convinced to import it.
GHSS: 5.5
GHSA-m88m-crr9-jvqq
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-M88M-CRR9-JVQQ. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution if a user can be convinced to import it.
GHSS: 5.5
#ExploitObserverAlert
CVE-2023-3167
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-3167. The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
FIRST-EPSS: 0.000520000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-3167
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-3167. The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
FIRST-EPSS: 0.000520000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-22949
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22949. An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL access requests are logged by TigerGraph in multiple places. Each request includes both the username and password of the user in an easily decodable base64 form. That could allow a TigerGraph administrator to effectively harvest usernames/passwords.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 1.2
CVE-2023-22949
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22949. An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL access requests are logged by TigerGraph in multiple places. Each request includes both the username and password of the user in an easily decodable base64 form. That could allow a TigerGraph administrator to effectively harvest usernames/passwords.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-45672
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-45672. Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, an unsafe deserialization vulnerability was identified in the endpoints used to save configurations for Frigate. This can lead to unauthenticated remote code execution. This can be performed through the UI at `/config` or through a direct call to `/api/config/save`. Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. Input is initially accepted through `http.py`. The user-provided input is then parsed and loaded by `load_config_with_no_duplicates`. However, `load_config_with_no_duplicates` does not sanitize this input by merit of using `yaml.loader.Loader` which can instantiate custom constructors. A provided payload will be executed directly at `frigate/util/builtin.py:110`. This issue may lead to pre-authenticated Remote Code Execution. Version 0.13.0 Beta 3 contains a patch.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2023-45672
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-45672. Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, an unsafe deserialization vulnerability was identified in the endpoints used to save configurations for Frigate. This can lead to unauthenticated remote code execution. This can be performed through the UI at `/config` or through a direct call to `/api/config/save`. Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. Input is initially accepted through `http.py`. The user-provided input is then parsed and loaded by `load_config_with_no_duplicates`. However, `load_config_with_no_duplicates` does not sanitize this input by merit of using `yaml.loader.Loader` which can instantiate custom constructors. A provided payload will be executed directly at `frigate/util/builtin.py:110`. This issue may lead to pre-authenticated Remote Code Execution. Version 0.13.0 Beta 3 contains a patch.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2023-2047
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-2047. A vulnerability was found in Campcodes Advanced Online Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument voter leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225932.
FIRST-EPSS: 0.000640000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-2047
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-2047. A vulnerability was found in Campcodes Advanced Online Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument voter leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225932.
FIRST-EPSS: 0.000640000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-41180
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41180. Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default, when using HTTPS. Mitigation: Set the Disable Peer Verification property of InvokeHTTP to true when using MiNiFi C++ versions 0.13.0 or 0.14.0. Upgrading to MiNiFi C++ 0.15.0 corrects the default behavior.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2023-41180
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41180. Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default, when using HTTPS. Mitigation: Set the Disable Peer Verification property of InvokeHTTP to true when using MiNiFi C++ versions 0.13.0 or 0.14.0. Upgrading to MiNiFi C++ 0.15.0 corrects the default behavior.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-48365
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48365. Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backend server that hosts the repository application. The fixed versions are August 2023 Patch 2, May 2023 Patch 6, February 2023 Patch 10, November 2022 Patch 12, August 2022 Patch 14, May 2022 Patch 16, February 2022 Patch 15, and November 2021 Patch 17. NOTE: this issue exists because of an incomplete fix for CVE-2023-41265.
FIRST-EPSS: 0.000820000
NVD-IS: 6.0
NVD-ES: 3.1
CVE-2023-48365
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48365. Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backend server that hosts the repository application. The fixed versions are August 2023 Patch 2, May 2023 Patch 6, February 2023 Patch 10, November 2022 Patch 12, August 2022 Patch 14, May 2022 Patch 16, February 2022 Patch 15, and November 2021 Patch 17. NOTE: this issue exists because of an incomplete fix for CVE-2023-41265.
FIRST-EPSS: 0.000820000
NVD-IS: 6.0
NVD-ES: 3.1
#ExploitObserverAlert
CVE-2023-48765
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48765. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22.
FIRST-EPSS: 0.000430000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2023-48765
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48765. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22.
FIRST-EPSS: 0.000430000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2023-6381
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6381. Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11.20.0.2204. An attacker could exploit this vulnerability by sending a malicious configuration file (file with SMB extension) to a user via a link or email attachment and persuade the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to crash the application when attempting to load the malicious file.
FIRST-EPSS: 0.000430000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-6381
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6381. Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11.20.0.2204. An attacker could exploit this vulnerability by sending a malicious configuration file (file with SMB extension) to a user via a link or email attachment and persuade the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to crash the application when attempting to load the malicious file.
FIRST-EPSS: 0.000430000
NVD-IS: 3.6
NVD-ES: 1.8