#ExploitObserverAlert
CVE-2024-23639
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-23639. Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Enabled but unsecured management endpoints are susceptible to drive-by localhost attacks. While not typical of a production application, these attacks may have more impact on a development environment where such endpoints may be flipped on without much thought. A malicious/compromised website can make HTTP requests to `localhost`. Normally, such requests would trigger a CORS preflight check which would prevent the request; however, some requests are "simple" and do not require a preflight check. These endpoints, if enabled and not secured, are vulnerable to being triggered. Production environments typically disable unused endpoints and secure/restrict access to needed endpoints. A more likely victim is the developer in their local development host, who has enabled endpoints without security for the sake of easing development. This issue has been addressed in version 3.8.3. Users are advised to upgrade.
FIRST-EPSS: 0.000430000
CVE-2024-23639
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-23639. Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Enabled but unsecured management endpoints are susceptible to drive-by localhost attacks. While not typical of a production application, these attacks may have more impact on a development environment where such endpoints may be flipped on without much thought. A malicious/compromised website can make HTTP requests to `localhost`. Normally, such requests would trigger a CORS preflight check which would prevent the request; however, some requests are "simple" and do not require a preflight check. These endpoints, if enabled and not secured, are vulnerable to being triggered. Production environments typically disable unused endpoints and secure/restrict access to needed endpoints. A more likely victim is the developer in their local development host, who has enabled endpoints without security for the sake of easing development. This issue has been addressed in version 3.8.3. Users are advised to upgrade.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PD/http/cves/2023/CVE-2023-52085
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-52085. Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local File Inclusion vulnerability. This issue has been patched in v1.2.4.
PD/http/cves/2023/CVE-2023-52085
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-52085. Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local File Inclusion vulnerability. This issue has been patched in v1.2.4.
#ExploitObserverAlert
CVE-2024-24215
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-24215. An issue in the component /cgi-bin/GetJsonValue.cgi of Cellinx NVT Web Server 5.0.0.014 allows attackers to leak configuration information via a crafted POST request.
FIRST-EPSS: 0.000450000
CVE-2024-24215
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-24215. An issue in the component /cgi-bin/GetJsonValue.cgi of Cellinx NVT Web Server 5.0.0.014 allows attackers to leak configuration information via a crafted POST request.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
ZDI-24-118
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-118. Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-0637.
ZDI-24-118
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-118. Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-0637.
#ExploitObserverAlert
ZDI-24-114
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-114. Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23118.
ZDI-24-114
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-114. Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23118.
#ExploitObserverAlert
ZDI-24-102
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-102. Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-22512.
ZDI-24-102
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-102. Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-22512.
#ExploitObserverAlert
CVE-2024-25447
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25447. An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
FIRST-EPSS: 0.000430000
CVE-2024-25447
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25447. An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2023-48974
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-48974. Cross Site Scripting vulnerability in Axigen WebMail v.10.5.7 and before allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.
FIRST-EPSS: 0.000430000
CVE-2023-48974
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-48974. Cross Site Scripting vulnerability in Axigen WebMail v.10.5.7 and before allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
WLB-2024020036
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020036. GYM MS 1.0 Cross Site Scripting.
WLB-2024020036
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020036. GYM MS 1.0 Cross Site Scripting.
#ExploitObserverAlert
PSS-177068
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177068. Ubuntu Security Notice USN-6628-1. Ubuntu Security Notice 6628-1 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.
PSS-177068
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177068. Ubuntu Security Notice USN-6628-1. Ubuntu Security Notice 6628-1 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.
#ExploitObserverAlert
PSS-177054
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177054. Red Hat Security Advisory 2024-0750-03. Red Hat Security Advisory 2024-0750-03 - An update for libmaxminddb is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
PSS-177054
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177054. Red Hat Security Advisory 2024-0750-03. Red Hat Security Advisory 2024-0750-03 - An update for libmaxminddb is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
#ExploitObserverAlert
ZDI-24-103
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-103. Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-22510.
ZDI-24-103
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-103. Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-22510.
#ExploitObserverAlert
CVE-2024-25679
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25679. In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTION_CLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation.
FIRST-EPSS: 0.000450000
CVE-2024-25679
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25679. In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTION_CLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2024-25003
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25003. KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.
FIRST-EPSS: 0.000430000
CVE-2024-25003
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25003. KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PSS-177062
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177062. Red Hat Security Advisory 2024-0757-03. Red Hat Security Advisory 2024-0757-03 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
PSS-177062
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177062. Red Hat Security Advisory 2024-0757-03. Red Hat Security Advisory 2024-0757-03 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
#ExploitObserverAlert
PSS-177055
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177055. Red Hat Security Advisory 2024-0751-03. Red Hat Security Advisory 2024-0751-03 - An update for libmaxminddb is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
PSS-177055
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177055. Red Hat Security Advisory 2024-0751-03. Red Hat Security Advisory 2024-0751-03 - An update for libmaxminddb is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
#ExploitObserverAlert
ZDI-24-106
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-106. Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-22505.
ZDI-24-106
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-106. Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-22505.
#ExploitObserverAlert
CVE-2024-24321
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-24321. An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.
FIRST-EPSS: 0.000450000
CVE-2024-24321
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-24321. An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
ZDI-24-115
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-115. Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23117.
ZDI-24-115
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-115. Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23117.
#ExploitObserverAlert
ZDI-24-113
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-113. Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-23119.
ZDI-24-113
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-113. Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-23119.
#ExploitObserverAlert
PSS-177049
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177049. Red Hat Security Advisory 2024-0745-03. Red Hat Security Advisory 2024-0745-03 - An update is now available for Red Hat Ceph Storage 5.3 in the Red Hat Ecosystem Catalog.
PSS-177049
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177049. Red Hat Security Advisory 2024-0745-03. Red Hat Security Advisory 2024-0745-03 - An update is now available for Red Hat Ceph Storage 5.3 in the Red Hat Ecosystem Catalog.