#ExploitObserverAlert
CVE-2023-0792
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-0792. Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
FIRST-EPSS: 0.000630000
NVD-IS: 2.5
NVD-ES: 2.8
CVE-2023-0792
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-0792. Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
FIRST-EPSS: 0.000630000
NVD-IS: 2.5
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-33759
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33759. SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack.
CVE-2023-33759
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33759. SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack.
#ExploitObserverAlert
CVE-2023-51702
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-51702. Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. Additionally, if used with an Airflow version between 2.3.0 and 2.6.0, the configuration dictionary will be logged as plain text in the triggerer service without masking. This allows anyone with access to the metadata or triggerer log to obtain the configuration file and use it to access the Kubernetes cluster. This behavior was changed in version 7.0.0, which stopped serializing the file contents and started providing the file path instead to read the contents into the trigger. Users are recommended to upgrade to version 7.0.0, which fixes this issue.
CVE-2023-51702
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-51702. Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. Additionally, if used with an Airflow version between 2.3.0 and 2.6.0, the configuration dictionary will be logged as plain text in the triggerer service without masking. This allows anyone with access to the metadata or triggerer log to obtain the configuration file and use it to access the Kubernetes cluster. This behavior was changed in version 7.0.0, which stopped serializing the file contents and started providing the file path instead to read the contents into the trigger. Users are recommended to upgrade to version 7.0.0, which fixes this issue.
#ExploitObserverAlert
CVE-2024-0705
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2024-0705. The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
FIRST-EPSS: 0.000440000
CVE-2024-0705
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2024-0705. The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
FIRST-EPSS: 0.000440000
#ExploitObserverAlert
CVE-2023-52038
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52038. An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415C80 function.
CVE-2023-52038
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52038. An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415C80 function.
#ExploitObserverAlert
CVE-2024-0183
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2024-0183. A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/students.php of the component NIA Office. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249441 was assigned to this vulnerability.
FIRST-EPSS: 0.000510000
NVD-IS: 2.7
NVD-ES: 1.7
CVE-2024-0183
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2024-0183. A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/students.php of the component NIA Office. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249441 was assigned to this vulnerability.
FIRST-EPSS: 0.000510000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2023-0739
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-0739. Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4.
FIRST-EPSS: 0.000560000
NVD-IS: 5.2
NVD-ES: 1.6
CVE-2023-0739
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-0739. Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4.
FIRST-EPSS: 0.000560000
NVD-IS: 5.2
NVD-ES: 1.6
#ExploitObserverAlert
PSS-176711
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to PSS-176711. Red Hat Security Advisory 2024-0387-03. Red Hat Security Advisory 2024-0387-03 - An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
PSS-176711
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to PSS-176711. Red Hat Security Advisory 2024-0387-03. Red Hat Security Advisory 2024-0387-03 - An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
#ExploitObserverAlert
CVE-2023-43989
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-43989. An issue in mokumoku chohu mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
CVE-2023-43989
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-43989. An issue in mokumoku chohu mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
#ExploitObserverAlert
PD/http/cves/2023/CVE-2023-47211
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/HTTP/CVES/2023/CVE-2023-47211. A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
PD/http/cves/2023/CVE-2023-47211
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/HTTP/CVES/2023/CVE-2023-47211. A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
#ExploitObserverAlert
CVE-2024-21319
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2024-21319. Microsoft Identity Denial of service vulnerability
FIRST-EPSS: 0.000570000
NVD-IS: 4.0
NVD-ES: 2.3
CVE-2024-21319
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2024-21319. Microsoft Identity Denial of service vulnerability
FIRST-EPSS: 0.000570000
NVD-IS: 4.0
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2024-0305
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2024-0305. A vulnerability was found in Guangzhou Yingke Electronic Technology Ncast up to 2017 and classified as problematic. Affected by this issue is some unknown functionality of the file /manage/IPSetup.php of the component Guest Login. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249872.
FIRST-EPSS: 0.000640000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2024-0305
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2024-0305. A vulnerability was found in Guangzhou Yingke Electronic Technology Ncast up to 2017 and classified as problematic. Affected by this issue is some unknown functionality of the file /manage/IPSetup.php of the component Guest Login. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249872.
FIRST-EPSS: 0.000640000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-6147
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-6147. Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize the plugin and configure potential a rouge endpoint via which it was possible to control response for certain request which could be injected with XXE payloads leading to XXE while processing the response data
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-6147
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-6147. Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize the plugin and configure potential a rouge endpoint via which it was possible to control response for certain request which could be injected with XXE payloads leading to XXE while processing the response data
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2024-0188
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0188. A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file change_password_teacher.php. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-249501 was assigned to this vulnerability.
FIRST-EPSS: 0.000630000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2024-0188
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0188. A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file change_password_teacher.php. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-249501 was assigned to this vulnerability.
FIRST-EPSS: 0.000630000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2022-42905
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to CVE-2022-42905. In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)
FIRST-EPSS: 0.001410000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2022-42905
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to CVE-2022-42905. In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)
FIRST-EPSS: 0.001410000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
WLB-2024010074
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010074. GL.iNet Unauthenticated Remote Command Execution.
WLB-2024010074
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010074. GL.iNet Unauthenticated Remote Command Execution.
#ExploitObserverAlert
CVE-2023-0564
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to CVE-2023-0564. Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
FIRST-EPSS: 0.000540000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-0564
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to CVE-2023-0564. Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
FIRST-EPSS: 0.000540000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2024-0531
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0531. A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.001140000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2024-0531
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0531. A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.001140000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
GHSA-x6wx-5g28-fwp2
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-X6WX-5G28-FWP2. Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
GHSA-x6wx-5g28-fwp2
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-X6WX-5G28-FWP2. Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
#ExploitObserverAlert
PSS-176720
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176720. GNU Privacy Guard 2.4.4. GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
PSS-176720
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176720. GNU Privacy Guard 2.4.4. GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
#ExploitObserverAlert
CVE-2023-33760
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33760. SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack.
CVE-2023-33760
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33760. SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack.