#ExploitObserverAlert
CVE-2022-1386
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1386. The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
FIRST-EPSS: 0.349690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-20599
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-20599. Cleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password.
FIRST-EPSS: 0.002590000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-42712
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-42712. Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.
FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-24212
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-24212. The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp.
FIRST-EPSS: 0.002550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-31727
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-31727. Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTLs 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to \\.\ZemanaAntiMalware, register with the driver using IOCTL 0x80002010 and send these IOCTLs to escalate privileges by overwriting the boot sector or overwriting critical code in the pagefile.
FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-6383
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-6383. Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.013800000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-34230
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-34230. snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue.
FIRST-EPSS: 0.002700000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-37920
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-37920. Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.
FIRST-EPSS: 0.000590000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-6801
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-6801. The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
#ExploitObserverAlert
CVE-2022-40898
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-40898. An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
FIRST-EPSS: 0.002590000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-25748
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-25748. A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
FIRST-EPSS: 0.000480000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-39192
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-39192. Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability. This issue is patched in Ghost version 4.10.0. As a workaround, disable all non-Administrator accounts to prevent API access. It is highly recommended to regenerate all API keys after patching or applying the workaround.
FIRST-EPSS: 0.000950000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2021-30633
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-30633. Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.004470000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-1177
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-1177. Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0.
FIRST-EPSS: 0.002740000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-40164
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-40164. Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-5044
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-5044. Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.
FIRST-EPSS: 0.000610000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-25664
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-25664. TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.
FIRST-EPSS: 0.000610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-32637
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-32637. Authelia is a single sign-on multi-factor portal for web apps. This affects users who are using nginx ngx_http_auth_request_module with Authelia; it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could theoretically affect other proxy servers, but all of the ones we officially support except nginx do not allow malformed URI paths. The problem is rectified entirely in v4.29.3. As this patch is relatively straightforward we can back port this to any version upon request. Alternatively we are supplying a git patch to 4.25.1 which should be relatively straightforward to apply to any version; the git patches for specific versions can be found in the references. The most relevant workaround is upgrading. You can also add a block which fails requests that contain a malformed URI in the internal location block.
FIRST-EPSS: 0.002100000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-3271
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-3271. PressBooks 5.17.3 contains a cross-site scripting (XSS) vulnerability. Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the book's page will result in triggering the stored XSS.
FIRST-EPSS: 0.000630000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2021-3481
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-3481. A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.
FIRST-EPSS: 0.000700000
NVD-IS: 5.2
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-7384
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2019-7384. An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call inside the boa binary. Because there is no user input validation, this leads to authenticated code execution on the device.
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 1.8