#ExploitObserverAlert
EDB-51746
DESCRIPTION: Exploit Observer has 1 entries related to EDB-51746. OpenPLC WebServer 3 - Denial of Service
EDB-51746
DESCRIPTION: Exploit Observer has 1 entries related to EDB-51746. OpenPLC WebServer 3 - Denial of Service
#ExploitObserverAlert
CVE-2023-5375
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5375. Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2.
FIRST-EPSS: 0.000460000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-5375
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5375. Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2.
FIRST-EPSS: 0.000460000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2014-9690
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2014-9690. Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking vulnerability of the WPS protocol because the random number generator (RNG) used in the supplier's solution is not random enough. As a result, brute force cracking the PIN code is easier. After an attacker cracks the PIN, the attacker can access the Internet via the cracked device.
FIRST-EPSS: 0.001680000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2014-9690
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2014-9690. Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking vulnerability of the WPS protocol because the random number generator (RNG) used in the supplier's solution is not random enough. As a result, brute force cracking the PIN code is easier. After an attacker cracks the PIN, the attacker can access the Internet via the cracked device.
FIRST-EPSS: 0.001680000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-4357
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4357
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-41773
DESCRIPTION: Exploit Observer has 338 entries related to CVE-2021-41773. A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
FIRST-EPSS: 0.974240000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-41773
DESCRIPTION: Exploit Observer has 338 entries related to CVE-2021-41773. A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
FIRST-EPSS: 0.974240000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-4034
DESCRIPTION: Exploit Observer has 532 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-4034
DESCRIPTION: Exploit Observer has 532 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-46604
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.965740000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46604
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.965740000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-w9cp-3x79-2p8p
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-W9CP-3X79-2P8P. Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
GHSS: 9.8
GHSA-w9cp-3x79-2p8p
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-W9CP-3X79-2P8P. Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
GHSS: 9.8
#ExploitObserverAlert
GHSA-jwfv-vj48-p3xq
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-JWFV-VJ48-P3XQ. Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.
GHSS: 5.5
GHSA-jwfv-vj48-p3xq
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-JWFV-VJ48-P3XQ. Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.
GHSS: 5.5
#ExploitObserverAlert
GHSA-mf3w-j4fp-pv84
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-MF3W-J4FP-PV84. In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSS: 7.8
GHSA-mf3w-j4fp-pv84
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-MF3W-J4FP-PV84. In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSS: 7.8
#ExploitObserverAlert
GHSA-pfvh-chxv-ccfm
DESCRIPTION: Exploit Observer has 15 entries related to GHSA-PFVH-CHXV-CCFM. In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
GHSA-pfvh-chxv-ccfm
DESCRIPTION: Exploit Observer has 15 entries related to GHSA-PFVH-CHXV-CCFM. In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
#ExploitObserverAlert
GHSA-p97h-9fxf-wpq6
DESCRIPTION: Exploit Observer has 19 entries related to GHSA-P97H-9FXF-WPQ6. A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
GHSS: 9.8
GHSA-p97h-9fxf-wpq6
DESCRIPTION: Exploit Observer has 19 entries related to GHSA-P97H-9FXF-WPQ6. A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
GHSS: 9.8
#ExploitObserverAlert
GHSA-p8vw-m6qq-w42v
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-P8VW-M6QQ-W42V. read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
GHSS: 6.5
GHSA-p8vw-m6qq-w42v
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-P8VW-M6QQ-W42V. read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
GHSS: 6.5
#ExploitObserverAlert
CVE-2017-7921
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2017-7921. An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
FIRST-EPSS: 0.013610000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2017-7921
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2017-7921. An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
FIRST-EPSS: 0.013610000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-1177
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-1177. Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
FIRST-EPSS: 0.022630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-1177
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-1177. Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
FIRST-EPSS: 0.022630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-8917
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2017-8917. SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
FIRST-EPSS: 0.975550000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-8917
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2017-8917. SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
FIRST-EPSS: 0.975550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-rcjv-mgp8-qvmr
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RCJV-MGP8-QVMR.
GHSS: 7.5
GHSA-rcjv-mgp8-qvmr
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RCJV-MGP8-QVMR.
GHSS: 7.5
#ExploitObserverAlert
CVE-2023-5142
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5142. A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-5142
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5142. A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-0337
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-0337. Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-0337
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-0337. Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-qqvq-6xgj-jw8g
DESCRIPTION: Exploit Observer has 16 entries related to GHSA-QQVQ-6XGJ-JW8G.
GHSS: 8.8
GHSA-qqvq-6xgj-jw8g
DESCRIPTION: Exploit Observer has 16 entries related to GHSA-QQVQ-6XGJ-JW8G.
GHSS: 8.8
#ExploitObserverAlert
CVE-2023-4357
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4357
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8