ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
#ExploitObserverAlert

CVE-2022-1178

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-1178. Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.

FIRST-EPSS: 0.051470000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert

CVE-2023-34104

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-34104. fast-xml-parser is an open source, pure javascript xml parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching and replacing entities in the XML body, an attacker can abuse it for denial of service (DoS) attacks. By crafting an entity name that results in an intentionally bad performing regex and utilizing it in the entity replacement step of the parser, this can cause the parser to stall for an indefinite amount of time. This problem has been resolved in v4.2.4. Users are advised to upgrade. Users unable to upgrade should avoid using DOCTYPE parsing by setting the `processEntities: false` option.

FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-2205

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-2205. Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data as well as unauthorized access to critical data or complete access to all Oracle Marketing accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

FIRST-EPSS: 0.001940000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-24379

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24379. The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user (even unauthenticated) to add unlimited like/dislike to any comment. The plugin appears to have some Restriction modes, such as Cookie Restriction, IP Restrictions, Logged In User Restriction, however, they do not prevent such attack as they only check client side.

FIRST-EPSS: 0.001090000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2023-5840

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5840. Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.

FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2023-50269

DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-50269. Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.

FIRST-EPSS: 0.001190000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-24113

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-24113. Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

FIRST-EPSS: 0.001780000
NVD-IS: 2.5
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2022-48116

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-48116. AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.

FIRST-EPSS: 0.001420000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert

CVE-2022-1386

DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1386. The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.

FIRST-EPSS: 0.349690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-20599

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-20599. Cleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password.

FIRST-EPSS: 0.002590000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-42712

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-42712. Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.

FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2021-24212

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-24212. The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp.

FIRST-EPSS: 0.002550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-31727

DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-31727. Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTLs 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to \\.\ZemanaAntiMalware, register with the driver using IOCTL 0x80002010 and send these IOCTLs to escalate privileges by overwriting the boot sector or overwriting critical code in the pagefile.

FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2020-6383

DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-6383. Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

FIRST-EPSS: 0.013800000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2023-34230

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-34230. snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue.

FIRST-EPSS: 0.002700000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2023-37920

DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-37920. Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.

FIRST-EPSS: 0.000590000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2023-6801

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-6801. The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
#ExploitObserverAlert

CVE-2022-40898

DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-40898. An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.

FIRST-EPSS: 0.002590000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2021-25748

DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-25748. A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.

FIRST-EPSS: 0.000480000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2021-39192

DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-39192. Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability. This issue is patched in Ghost version 4.10.0. As a workaround, disable all non-Administrator accounts to prevent API access. It is highly recommended to regenerate all API keys after patching or applying the workaround.

FIRST-EPSS: 0.000950000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert

CVE-2021-30633

DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-30633. Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

FIRST-EPSS: 0.004470000
NVD-IS: 6.0
NVD-ES: 2.8