#ExploitObserverAlert
CVE-2023-48104
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-48104. Alinto SOGo 5.8.0 is vulnerable to HTML Injection.
FIRST-EPSS: 0.000430000
CVE-2023-48104
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-48104. Alinto SOGo 5.8.0 is vulnerable to HTML Injection.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
GHSA-ppxx-5m9h-6vxf
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-PPXX-5M9H-6VXF. An attacker can cause its peer to run out of memory sending a large number of PATH_CHALLENGE frames. The receiver is supposed to respond to each PATH_CHALLENGE frame with a PATH_RESPONSE frame. The attacker can prevent the receiver from sending out (the vast majority of) these PATH_RESPONSE frames by collapsing the peers congestion window (by selectively acknowledging received packets) and by manipulating the peer's RTT estimate.
GHSS: 6.4
GHSA-ppxx-5m9h-6vxf
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-PPXX-5M9H-6VXF. An attacker can cause its peer to run out of memory sending a large number of PATH_CHALLENGE frames. The receiver is supposed to respond to each PATH_CHALLENGE frame with a PATH_RESPONSE frame. The attacker can prevent the receiver from sending out (the vast majority of) these PATH_RESPONSE frames by collapsing the peers congestion window (by selectively acknowledging received packets) and by manipulating the peer's RTT estimate.
GHSS: 6.4
#ExploitObserverAlert
CVE-2023-6915
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-6915. A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.
FIRST-EPSS: 0.000450000
CVE-2023-6915
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-6915. A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2023-5808
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-5808. SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-5808
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-5808. SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-51257
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51257. An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.
FIRST-EPSS: 0.000420000
CVE-2023-51257
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51257. An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.
FIRST-EPSS: 0.000420000
#ExploitObserverAlert
CVE-2023-51059
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-51059. An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.
FIRST-EPSS: 0.000470000
CVE-2023-51059
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-51059. An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.
FIRST-EPSS: 0.000470000
#ExploitObserverAlert
CVE-2023-21266
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-21266. In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-21266
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-21266. In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2024-21305
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-21305. Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
FIRST-EPSS: 0.000480000
NVD-IS: 3.6
NVD-ES: 0.8
CVE-2024-21305
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-21305. Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
FIRST-EPSS: 0.000480000
NVD-IS: 3.6
NVD-ES: 0.8
#ExploitObserverAlert
GHSA-vwv2-9wcj-64vx
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-VWV2-9WCJ-64VX. Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection.
GHSS: 6.5
GHSA-vwv2-9wcj-64vx
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-VWV2-9WCJ-64VX. Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection.
GHSS: 6.5
#ExploitObserverAlert
CVE-2023-41619
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-41619. Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.
FIRST-EPSS: 0.000430000
CVE-2023-41619
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-41619. Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2023-20963
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-20963
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-24023
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
FIRST-EPSS: 0.000460000
NVD-IS: 5.2
NVD-ES: 1.6
CVE-2023-24023
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
FIRST-EPSS: 0.000460000
NVD-IS: 5.2
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2023-22527
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-22527. A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
FIRST-EPSS: 0.000440000
CVE-2023-22527
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-22527. A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
FIRST-EPSS: 0.000440000
#ExploitObserverAlert
CVE-2023-6395
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-6395. The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.
FIRST-EPSS: 0.000640000
CVE-2023-6395
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-6395. The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.
FIRST-EPSS: 0.000640000
#ExploitObserverAlert
CVE-2023-43955
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-43955. The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
FIRST-EPSS: 0.002610000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-43955
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-43955. The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
FIRST-EPSS: 0.002610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
MSF/exploit_linux/local/ansible_node_deployer
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to MSF/EXPLOIT_LINUX/LOCAL/ANSIBLE_NODE_DEPLOYER. This exploit module creates an ansible module for deployment to nodes in the network. It creates a new yaml playbook which copies our payload, chmods it, then runs it on all targets which have been selected (default all).
MSF/exploit_linux/local/ansible_node_deployer
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to MSF/EXPLOIT_LINUX/LOCAL/ANSIBLE_NODE_DEPLOYER. This exploit module creates an ansible module for deployment to nodes in the network. It creates a new yaml playbook which copies our payload, chmods it, then runs it on all targets which have been selected (default all).
#ExploitObserverAlert
GHSA-85rf-xh54-whp3
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-85RF-XH54-WHP3. A path traversal vulnerability was detected in iodine's static file service. This vulnerability effects any application running iodine's static file server on an effected iodine version.
GHSA-85rf-xh54-whp3
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-85RF-XH54-WHP3. A path traversal vulnerability was detected in iodine's static file service. This vulnerability effects any application running iodine's static file server on an effected iodine version.
#ExploitObserverAlert
CVE-2022-1223
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2022-1223. Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.
FIRST-EPSS: 0.000610000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-1223
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2022-1223. Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.
FIRST-EPSS: 0.000610000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2024-22409
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22409. DataHub is an open-source metadata platform. In affected versions a low privileged user could remove a user, edit group members, or edit another user's profile information. The default privileges gave too many broad permissions to low privileged users. These have been constrained in PR #9067 to prevent abuse. This issue can result in privilege escalation for lower privileged users up to admin privileges, potentially, if a group with admin privileges exists. May not impact instances that have modified default privileges. This issue has been addressed in datahub version 0.12.1. Users are advised to upgrade.
CVE-2024-22409
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22409. DataHub is an open-source metadata platform. In affected versions a low privileged user could remove a user, edit group members, or edit another user's profile information. The default privileges gave too many broad permissions to low privileged users. These have been constrained in PR #9067 to prevent abuse. This issue can result in privilege escalation for lower privileged users up to admin privileges, potentially, if a group with admin privileges exists. May not impact instances that have modified default privileges. This issue has been addressed in datahub version 0.12.1. Users are advised to upgrade.
#ExploitObserverAlert
ZDI-23-1836
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to ZDI-23-1836. Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-44452.
ZDI-23-1836
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to ZDI-23-1836. Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-44452.
#ExploitObserverAlert
CVE-2024-22920
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-22920. swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.
CVE-2024-22920
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-22920. swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.