#ExploitObserverAlert
CVE-2022-27166
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2022-27166. A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
FIRST-EPSS: 0.003650000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2022-27166
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2022-27166. A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
FIRST-EPSS: 0.003650000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-40151
DESCRIPTION: Exploit Observer has 5 entries in 5 file formats related to CVE-2022-40151. Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
FIRST-EPSS: 0.002700000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-40151
DESCRIPTION: Exploit Observer has 5 entries in 5 file formats related to CVE-2022-40151. Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
FIRST-EPSS: 0.002700000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
PSS-176794
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to PSS-176794. Vinchin Backup And Recovery 7.2 Default MySQL Credentials. A critical security issue has been discovered in Vinchin Backup and Recovery version 7.2. The software has been found to use default MYSQL credentials, which could lead to significant security risks.
PSS-176794
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to PSS-176794. Vinchin Backup And Recovery 7.2 Default MySQL Credentials. A critical security issue has been discovered in Vinchin Backup and Recovery version 7.2. The software has been found to use default MYSQL credentials, which could lead to significant security risks.
#ExploitObserverAlert
CVE-2021-44140
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2021-44140. Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later.
FIRST-EPSS: 0.004630000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2021-44140
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2021-44140. Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later.
FIRST-EPSS: 0.004630000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-v68g-wm8c-6x7j
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-v68g-wm8c-6x7j. Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
GHSA-v68g-wm8c-6x7j
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-v68g-wm8c-6x7j. Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
#ExploitObserverAlert
CVE-2021-3597
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2021-3597. A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.
FIRST-EPSS: 0.000910000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2021-3597
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2021-3597. A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.
FIRST-EPSS: 0.000910000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2021-22096
DESCRIPTION: Exploit Observer has 8 entries in 4 file formats related to CVE-2021-22096. In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
FIRST-EPSS: 0.000790000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2021-22096
DESCRIPTION: Exploit Observer has 8 entries in 4 file formats related to CVE-2021-22096. In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
FIRST-EPSS: 0.000790000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
PSS-176776
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176776. Ubuntu Security Notice USN-6599-1. Ubuntu Security Notice 6599-1 - Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS.
PSS-176776
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176776. Ubuntu Security Notice USN-6599-1. Ubuntu Security Notice 6599-1 - Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS.
#ExploitObserverAlert
CVE-2021-22146
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2021-22146. All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.
FIRST-EPSS: 0.015230000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-22146
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2021-22146. All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.
FIRST-EPSS: 0.015230000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-24969
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2022-24969. bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability.
FIRST-EPSS: 0.001370000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2022-24969
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2022-24969. bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability.
FIRST-EPSS: 0.001370000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-8cr8-4vfw-mr7h
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to GHSA-8cr8-4vfw-mr7h. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
GHSA-8cr8-4vfw-mr7h
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to GHSA-8cr8-4vfw-mr7h. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
#ExploitObserverAlert
CVE-2022-41678
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxRequest through JSONObject. And calls to org.jolokia.http.HttpRequestHandler#executeRequest. Into deeper calling stacks, org.jolokia.handler.ExecHandler#doHandleRequest is able to invoke through refection. And then, RCE is able to be achieved via jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11. 1 Call newRecording. 2 Call setConfiguration. And a webshell data hides in it. 3 Call startRecording. 4 Call copyTo method. The webshell will be written to a .jsp file. The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia. A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.
FIRST-EPSS: 0.001030000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-41678
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxRequest through JSONObject. And calls to org.jolokia.http.HttpRequestHandler#executeRequest. Into deeper calling stacks, org.jolokia.handler.ExecHandler#doHandleRequest is able to invoke through refection. And then, RCE is able to be achieved via jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11. 1 Call newRecording. 2 Call setConfiguration. And a webshell data hides in it. 3 Call startRecording. 4 Call copyTo method. The webshell will be written to a .jsp file. The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia. A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.
FIRST-EPSS: 0.001030000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-39975
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2022-39975. The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, and Liferay DXP 7.3 before update 10, and 7.4 before update 35 does not check user permission before showing the preview of a "Content Page" type page, allowing attackers to view unpublished "Content Page" pages via URL manipulation.
FIRST-EPSS: 0.000530000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2022-39975
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2022-39975. The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, and Liferay DXP 7.3 before update 10, and 7.4 before update 35 does not check user permission before showing the preview of a "Content Page" type page, allowing attackers to view unpublished "Content Page" pages via URL manipulation.
FIRST-EPSS: 0.000530000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-40152
DESCRIPTION: Exploit Observer has 6 entries in 5 file formats related to CVE-2022-40152. Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
FIRST-EPSS: 0.002460000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-40152
DESCRIPTION: Exploit Observer has 6 entries in 5 file formats related to CVE-2022-40152. Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
FIRST-EPSS: 0.002460000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-6wrq-j9qq-5v7v
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to GHSA-6wrq-j9qq-5v7v. The "WebSub (FKA. PubSubHubbub)" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 3.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
GHSA-6wrq-j9qq-5v7v
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to GHSA-6wrq-j9qq-5v7v. The "WebSub (FKA. PubSubHubbub)" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 3.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
#ExploitObserverAlert
CVE-2023-42794
DESCRIPTION: Exploit Observer has 12 entries in 4 file formats related to CVE-2023-42794. Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2023-42794
DESCRIPTION: Exploit Observer has 12 entries in 4 file formats related to CVE-2023-42794. Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2022-2256
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2022-2256. A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.
FIRST-EPSS: 0.000530000
NVD-IS: 2.5
NVD-ES: 1.2
CVE-2022-2256
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2022-2256. A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.
FIRST-EPSS: 0.000530000
NVD-IS: 2.5
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-41080
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2023-41080. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
FIRST-EPSS: 0.002440000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-41080
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2023-41080. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
FIRST-EPSS: 0.002440000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-rgjq-f6gr-756j
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-rgjq-f6gr-756j. libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
GHSA-rgjq-f6gr-756j
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-rgjq-f6gr-756j. libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
#ExploitObserverAlert
PSS-176779
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176779. Ubuntu Security Notice USN-6602-1. Ubuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
PSS-176779
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176779. Ubuntu Security Notice USN-6602-1. Ubuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
#ExploitObserverAlert
CVE-2023-36900
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-36900. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001970000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-36900
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-36900. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001970000
NVD-IS: 5.9
NVD-ES: 1.8