#ExploitObserverAlert
CVE-2023-42794
DESCRIPTION: Exploit Observer has 12 entries in 4 file formats related to CVE-2023-42794. Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2023-42794
DESCRIPTION: Exploit Observer has 12 entries in 4 file formats related to CVE-2023-42794. Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2022-2256
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2022-2256. A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.
FIRST-EPSS: 0.000530000
NVD-IS: 2.5
NVD-ES: 1.2
CVE-2022-2256
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2022-2256. A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.
FIRST-EPSS: 0.000530000
NVD-IS: 2.5
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-41080
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2023-41080. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
FIRST-EPSS: 0.002440000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-41080
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2023-41080. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
FIRST-EPSS: 0.002440000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-rgjq-f6gr-756j
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-rgjq-f6gr-756j. libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
GHSA-rgjq-f6gr-756j
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-rgjq-f6gr-756j. libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
#ExploitObserverAlert
PSS-176779
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176779. Ubuntu Security Notice USN-6602-1. Ubuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
PSS-176779
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176779. Ubuntu Security Notice USN-6602-1. Ubuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
#ExploitObserverAlert
CVE-2023-36900
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-36900. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001970000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-36900
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-36900. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001970000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
GHSA-xjf4-cg52-rf4g
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-xjf4-cg52-rf4g. Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST(Standalone) mode.
GHSA-xjf4-cg52-rf4g
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-xjf4-cg52-rf4g. Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST(Standalone) mode.
#ExploitObserverAlert
PSS-176786
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176786. Ubuntu Security Notice USN-6608-1. Ubuntu Security Notice 6608-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
PSS-176786
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-176786. Ubuntu Security Notice USN-6608-1. Ubuntu Security Notice 6608-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
#ExploitObserverAlert
CVE-2024-0587
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-0587. The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter in all versions up to, and including, 1.0.92.1 due to insufficient input sanitization and output escaping on the executed JS file. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
CVE-2024-0587
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-0587. The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter in all versions up to, and including, 1.0.92.1 due to insufficient input sanitization and output escaping on the executed JS file. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
#ExploitObserverAlert
CVE-2024-20253
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2024-20253. A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.
CVE-2024-20253
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2024-20253. A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.
#ExploitObserverAlert
CVE-2024-0929
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0929. A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0929
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0929. A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2024-0923
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0923. A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252128. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0923
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0923. A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252128. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
GHSA-4957-7vhp-7v59
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to GHSA-4957-7vhp-7v59. A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Affected by this issue is the function load_from_file of the component PKL File Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252182 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early and confirmed immediately the existence of the issue. A patch is planned to be released in February 2024.
GHSA-4957-7vhp-7v59
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to GHSA-4957-7vhp-7v59. A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Affected by this issue is the function load_from_file of the component PKL File Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252182 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early and confirmed immediately the existence of the issue. A patch is planned to be released in February 2024.
#ExploitObserverAlert
GHSA-2532-vm9m-g275
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-2532-vm9m-g275. A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function formSetPPTPServer. The manipulation of the argument startIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252129 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-2532-vm9m-g275
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-2532-vm9m-g275. A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function formSetPPTPServer. The manipulation of the argument startIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252129 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2024-0938
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0938. A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file /general/email/inbox/delete_webmail.php. The manipulation of the argument WEBBODY_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252183. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0938
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0938. A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file /general/email/inbox/delete_webmail.php. The manipulation of the argument WEBBODY_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252183. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2022-34729
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2022-34729. Windows GDI Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-34729
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2022-34729. Windows GDI Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2024-0941
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0941. A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. This issue affects some unknown processing of the file /novel/bookComment/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-252185 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0941
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0941. A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. This issue affects some unknown processing of the file /novel/bookComment/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-252185 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2024-22860
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2024-22860. Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
CVE-2024-22860
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2024-22860. Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
#ExploitObserverAlert
CVE-2024-0930
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0930. A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0930
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0930. A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2024-0623
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-0623. The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. This is due to missing or incorrect nonce validation on the vbp_clear_patterns_cache() function. This makes it possible for unauthenticated attackers to clear the patterns cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2024-0623
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-0623. The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. This is due to missing or incorrect nonce validation on the vbp_clear_patterns_cache() function. This makes it possible for unauthenticated attackers to clear the patterns cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2024-0918
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0918. A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument DeviceURL leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252122 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0918
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-0918. A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument DeviceURL leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252122 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.