#ExploitObserverAlert
CVE-2023-46739
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46739. CubeFS is an open-source cloud-native file storage system. A vulnerability was found during in the CubeFS master component in versions prior to 3.3.1 that could allow an untrusted attacker to steal user passwords by carrying out a timing attack. The root case of the vulnerability was that CubeFS used raw string comparison of passwords. The vulnerable part of CubeFS was the UserService of the master component. The UserService gets instantiated when starting the server of the master component. The issue has been patched in v3.3.1. For impacted users, there is no other way to mitigate the issue besides upgrading.
CVE-2023-46739
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46739. CubeFS is an open-source cloud-native file storage system. A vulnerability was found during in the CubeFS master component in versions prior to 3.3.1 that could allow an untrusted attacker to steal user passwords by carrying out a timing attack. The root case of the vulnerability was that CubeFS used raw string comparison of passwords. The vulnerable part of CubeFS was the UserService of the master component. The UserService gets instantiated when starting the server of the master component. The issue has been patched in v3.3.1. For impacted users, there is no other way to mitigate the issue besides upgrading.
#ExploitObserverAlert
CVE-2023-46738
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46738. CubeFS is an open-source cloud-native file storage system. A security vulnerability was found in CubeFS HandlerNode in versions prior to 3.3.1 that could allow authenticated users to send maliciously-crafted requests that would crash the ObjectNode and deny other users from using it. The root cause was improper handling of incoming HTTP requests that could allow an attacker to control the ammount of memory that the ObjectNode would allocate. A malicious request could make the ObjectNode allocate more memory that the machine had available, and the attacker could exhaust memory by way of a single malicious request. An attacker would need to be authenticated in order to invoke the vulnerable code with their malicious request and have permissions to delete objects. In addition, the attacker would need to know the names of existing buckets of the CubeFS deployment - otherwise the request would be rejected before it reached the vulnerable code. As such, the most likely attacker is an inside user or an attacker that has breached the account of an existing user in the cluster. The issue has been patched in v3.3.1. There is no other mitigation besides upgrading.
CVE-2023-46738
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46738. CubeFS is an open-source cloud-native file storage system. A security vulnerability was found in CubeFS HandlerNode in versions prior to 3.3.1 that could allow authenticated users to send maliciously-crafted requests that would crash the ObjectNode and deny other users from using it. The root cause was improper handling of incoming HTTP requests that could allow an attacker to control the ammount of memory that the ObjectNode would allocate. A malicious request could make the ObjectNode allocate more memory that the machine had available, and the attacker could exhaust memory by way of a single malicious request. An attacker would need to be authenticated in order to invoke the vulnerable code with their malicious request and have permissions to delete objects. In addition, the attacker would need to know the names of existing buckets of the CubeFS deployment - otherwise the request would be rejected before it reached the vulnerable code. As such, the most likely attacker is an inside user or an attacker that has breached the account of an existing user in the cluster. The issue has been patched in v3.3.1. There is no other mitigation besides upgrading.
#ExploitObserverAlert
CVE-2023-49442
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49442. Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request.
CVE-2023-49442
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49442. Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request.
#ExploitObserverAlert
CVE-2023-6621
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6621. The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CVE-2023-6621
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6621. The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
#ExploitObserverAlert
CVE-2023-52303
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-52303. Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52303
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-52303. Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
#ExploitObserverAlert
CVE-2023-38674
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-38674. FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-38674
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-38674. FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
#ExploitObserverAlert
CVE-2023-6540
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6540. A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information.
CVE-2023-6540
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6540. A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information.
#ExploitObserverAlert
CVE-2023-50093
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-50093. APIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable to Host Header Injection.
CVE-2023-50093
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-50093. APIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable to Host Header Injection.
#ExploitObserverAlert
CVE-2023-5138
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-5138. Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B.
CVE-2023-5138
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-5138. Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B.
#ExploitObserverAlert
GHSA-cfph-4qqh-w828
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-CFPH-4QQH-W828. Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.
GHSS: 6.9
GHSA-cfph-4qqh-w828
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-CFPH-4QQH-W828. Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.
GHSS: 6.9
#ExploitObserverAlert
GHSA-264p-99wq-f4j6
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-264P-99WQ-F4J6. A potential denial-of-service issue exists in ion-java for applications that use ion-java to:
GHSS: 7.5
GHSA-264p-99wq-f4j6
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-264P-99WQ-F4J6. A potential denial-of-service issue exists in ion-java for applications that use ion-java to:
GHSS: 7.5
#ExploitObserverAlert
CVE-2023-6338
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6338. Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-6338
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6338. Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-38676
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-38676. Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-38676
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-38676. Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
#ExploitObserverAlert
CVE-2023-37607
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-37607. Directory Traversal in Automatic-Systems SOC FL9600 FastLine lego_T04E00 allows a remote attacker to obtain sensitive information.
CVE-2023-37607
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-37607. Directory Traversal in Automatic-Systems SOC FL9600 FastLine lego_T04E00 allows a remote attacker to obtain sensitive information.
#ExploitObserverAlert
CVE-2023-6498
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-6498. The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
CVE-2023-6498
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-6498. The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
#ExploitObserverAlert
CVE-2023-30617
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-30617. Kruise provides automated management of large-scale applications on Kubernetes. Starting in version 0.8.0 and prior to versions 1.3.1, 1.4.1, and 1.5.2, an attacker who has gained root privilege of the node that kruise-daemon run can leverage the kruise-daemon pod to list all secrets in the entire cluster. After that, the attacker can leverage the "captured" secrets (e.g. the kruise-manager service account token) to gain extra privileges such as pod modification. Versions 1.3.1, 1.4.1, and 1.5.2 fix this issue. A workaround is available. For users that do not require imagepulljob functions, they can modify kruise-daemon-role to drop the cluster level secret get/list privilege.
CVE-2023-30617
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-30617. Kruise provides automated management of large-scale applications on Kubernetes. Starting in version 0.8.0 and prior to versions 1.3.1, 1.4.1, and 1.5.2, an attacker who has gained root privilege of the node that kruise-daemon run can leverage the kruise-daemon pod to list all secrets in the entire cluster. After that, the attacker can leverage the "captured" secrets (e.g. the kruise-manager service account token) to gain extra privileges such as pod modification. Versions 1.3.1, 1.4.1, and 1.5.2 fix this issue. A workaround is available. For users that do not require imagepulljob functions, they can modify kruise-daemon-role to drop the cluster level secret get/list privilege.
#ExploitObserverAlert
CVE-2023-50090
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50090. Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.
CVE-2023-50090
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50090. Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.
#ExploitObserverAlert
GHSA-f8mp-x433-5wpf
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-F8MP-X433-5WPF. The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary code. Additionally, the inspector server did not validate Origin/Host headers, granting an attacker that can trick any user on the local network into opening a malicious website the ability to run code. If wrangler dev --remote was being used, an attacker could access production resources if they were bound to the worker.
GHSS: 9.3
GHSA-f8mp-x433-5wpf
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-F8MP-X433-5WPF. The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary code. Additionally, the inspector server did not validate Origin/Host headers, granting an attacker that can trick any user on the local network into opening a malicious website the ability to run code. If wrangler dev --remote was being used, an attacker could access production resources if they were bound to the worker.
GHSS: 9.3
#ExploitObserverAlert
PD/http/misconfiguration/cookies-without-httponly
DESCRIPTION: Exploit Observer has 1 entries related to PD/http/misconfiguration/cookies-without-httponly. Checks whether cookies in the HTTP response contain the HttpOnly attribute. If the HttpOnly flag is set, it means that the cookie is HTTP-only
PD/http/misconfiguration/cookies-without-httponly
DESCRIPTION: Exploit Observer has 1 entries related to PD/http/misconfiguration/cookies-without-httponly. Checks whether cookies in the HTTP response contain the HttpOnly attribute. If the HttpOnly flag is set, it means that the cookie is HTTP-only
#ExploitObserverAlert
GHSA-r6r4-5pr8-gjcp
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-R6R4-5PR8-GJCP. Vapor's vapor_urlparser_parse function uses uint16_t indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs.
GHSS: 6.5
GHSA-r6r4-5pr8-gjcp
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-R6R4-5PR8-GJCP. Vapor's vapor_urlparser_parse function uses uint16_t indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs.
GHSS: 6.5
#ExploitObserverAlert
CVE-2023-5881
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5881. Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings.
CVE-2023-5881
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5881. Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings.