#ExploitObserverAlert
CVE-2021-4034
DESCRIPTION: Exploit Observer has 532 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-4034
DESCRIPTION: Exploit Observer has 532 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-46604
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.965740000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46604
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.965740000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-w9cp-3x79-2p8p
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-W9CP-3X79-2P8P. Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
GHSS: 9.8
GHSA-w9cp-3x79-2p8p
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-W9CP-3X79-2P8P. Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
GHSS: 9.8
#ExploitObserverAlert
GHSA-jwfv-vj48-p3xq
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-JWFV-VJ48-P3XQ. Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.
GHSS: 5.5
GHSA-jwfv-vj48-p3xq
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-JWFV-VJ48-P3XQ. Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.
GHSS: 5.5
#ExploitObserverAlert
GHSA-mf3w-j4fp-pv84
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-MF3W-J4FP-PV84. In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSS: 7.8
GHSA-mf3w-j4fp-pv84
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-MF3W-J4FP-PV84. In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSS: 7.8
#ExploitObserverAlert
GHSA-pfvh-chxv-ccfm
DESCRIPTION: Exploit Observer has 15 entries related to GHSA-PFVH-CHXV-CCFM. In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
GHSA-pfvh-chxv-ccfm
DESCRIPTION: Exploit Observer has 15 entries related to GHSA-PFVH-CHXV-CCFM. In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
#ExploitObserverAlert
GHSA-p97h-9fxf-wpq6
DESCRIPTION: Exploit Observer has 19 entries related to GHSA-P97H-9FXF-WPQ6. A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
GHSS: 9.8
GHSA-p97h-9fxf-wpq6
DESCRIPTION: Exploit Observer has 19 entries related to GHSA-P97H-9FXF-WPQ6. A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
GHSS: 9.8
#ExploitObserverAlert
GHSA-p8vw-m6qq-w42v
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-P8VW-M6QQ-W42V. read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
GHSS: 6.5
GHSA-p8vw-m6qq-w42v
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-P8VW-M6QQ-W42V. read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
GHSS: 6.5
#ExploitObserverAlert
CVE-2017-7921
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2017-7921. An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
FIRST-EPSS: 0.013610000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2017-7921
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2017-7921. An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
FIRST-EPSS: 0.013610000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-1177
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-1177. Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
FIRST-EPSS: 0.022630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-1177
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-1177. Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
FIRST-EPSS: 0.022630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-8917
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2017-8917. SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
FIRST-EPSS: 0.975550000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-8917
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2017-8917. SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
FIRST-EPSS: 0.975550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-rcjv-mgp8-qvmr
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RCJV-MGP8-QVMR.
GHSS: 7.5
GHSA-rcjv-mgp8-qvmr
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-RCJV-MGP8-QVMR.
GHSS: 7.5
#ExploitObserverAlert
CVE-2023-5142
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5142. A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-5142
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5142. A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-0337
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-0337. Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-0337
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-0337. Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-qqvq-6xgj-jw8g
DESCRIPTION: Exploit Observer has 16 entries related to GHSA-QQVQ-6XGJ-JW8G.
GHSS: 8.8
GHSA-qqvq-6xgj-jw8g
DESCRIPTION: Exploit Observer has 16 entries related to GHSA-QQVQ-6XGJ-JW8G.
GHSS: 8.8
#ExploitObserverAlert
CVE-2023-4357
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4357
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-q847-2q57-wmr3
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-Q847-2Q57-WMR3.
GHSS: 6.1
GHSA-q847-2q57-wmr3
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-Q847-2Q57-WMR3.
GHSS: 6.1
#ExploitObserverAlert
GHSA-wj42-v2p3-fq2w
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-WJ42-V2P3-FQ2W.
GHSS: 9.8
GHSA-wj42-v2p3-fq2w
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-WJ42-V2P3-FQ2W.
GHSS: 9.8
#ExploitObserverAlert
GHSA-9wh7-397j-722m
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-9WH7-397J-722M.
GHSS: 6.0
GHSA-9wh7-397j-722m
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-9WH7-397J-722M.
GHSS: 6.0
#ExploitObserverAlert
CVE-2023-4622
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4622. A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2023-4622
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4622. A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
GHSA-9xv9-423q-x48x
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-9XV9-423Q-X48X.
GHSS: 7.3
GHSA-9xv9-423q-x48x
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-9XV9-423Q-X48X.
GHSS: 7.3