#ExploitObserverAlert
TALOS-2019-0867
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to TALOS-2019-0867. Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability. An exploitable information disclosure vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return arbitrary memory, resulting in the potential disclosure of system addresses. An attacker can send unauthenticated commands to trigger this vulnerability.
TALOS-2019-0867
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to TALOS-2019-0867. Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability. An exploitable information disclosure vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return arbitrary memory, resulting in the potential disclosure of system addresses. An attacker can send unauthenticated commands to trigger this vulnerability.
#ExploitObserverAlert
BDU:2024-01111
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to BDU:2024-01111.
BDU:2024-01111
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to BDU:2024-01111.
#CyberNewsAlert
The National Critical Information Infrastructure Protection Centre (NCIIPC) of India is seeking top quality Indian Cyber Security Researchers, Ethical Hackers, and Pentesters to participate in a 10 to 20-day exercise aimed at testing the security posture of Critical Information Infrastructure (CII) systems.
Participants, whether individual or team-based, will be rewarded up to Rs. 10 lakhs and given Commendation Certificates based on the severity/impact of vulnerabilities discovered. NCIIPC will cover expenses for travel, boarding, and lodging during the exercise, and top performers may be considered for further cyber security assignments.
Interested participants can enroll by emailing contact details to cii.assessment@nciipc.gov.in and will undergo a selection process based on previous experience and performance in the domain.
Official Announcements -
https://twitter.com/NCIIPC/status/1756256398176903335
https://nciipc.gov.in/NCIIPCPenTestingOfCIIs.html
The National Critical Information Infrastructure Protection Centre (NCIIPC) of India is seeking top quality Indian Cyber Security Researchers, Ethical Hackers, and Pentesters to participate in a 10 to 20-day exercise aimed at testing the security posture of Critical Information Infrastructure (CII) systems.
Participants, whether individual or team-based, will be rewarded up to Rs. 10 lakhs and given Commendation Certificates based on the severity/impact of vulnerabilities discovered. NCIIPC will cover expenses for travel, boarding, and lodging during the exercise, and top performers may be considered for further cyber security assignments.
Interested participants can enroll by emailing contact details to cii.assessment@nciipc.gov.in and will undergo a selection process based on previous experience and performance in the domain.
Official Announcements -
https://twitter.com/NCIIPC/status/1756256398176903335
https://nciipc.gov.in/NCIIPCPenTestingOfCIIs.html
X (formerly Twitter)
NCIIPC India (@NCIIPC) on X
#NCIIPC is looking for expert pen-testers, security researchers and ethical hackers to secure nation's CIIs. Join NCIIPC scheme for Crowdsourcing of Pen Testing of CIIs.
#ExploitObserverAlert
PSS-177189
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177189. Proxmark3 4.18218 Custom Firmware. This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "DEFCON is Cancelled".
PSS-177189
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177189. Proxmark3 4.18218 Custom Firmware. This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "DEFCON is Cancelled".
#ExploitObserverAlert
PSS-177178
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177178. Gentoo Linux Security Advisory 202402-20. Gentoo Linux Security Advisory 202402-20 - A vulnerability has been discovered in Thunar which may lead to arbitrary code execution Versions greater than or equal to 4.17.3 are affected.
PSS-177178
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177178. Gentoo Linux Security Advisory 202402-20. Gentoo Linux Security Advisory 202402-20 - A vulnerability has been discovered in Thunar which may lead to arbitrary code execution Versions greater than or equal to 4.17.3 are affected.
#ExploitObserverAlert
PSS-177172
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177172. Chrome chrome.pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass. Chrome has an issue where the chrome.pageCapture.saveAsMHTML() extension API can be used on blocked origins due to a racy access check.
PSS-177172
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177172. Chrome chrome.pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass. Chrome has an issue where the chrome.pageCapture.saveAsMHTML() extension API can be used on blocked origins due to a racy access check.
#ExploitObserverAlert
CVE-2024-26328
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26328. An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.
FIRST-EPSS: 0.000430000
CVE-2024-26328
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26328. An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PSS-177181
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177181. Gentoo Linux Security Advisory 202402-23. Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.
PSS-177181
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177181. Gentoo Linux Security Advisory 202402-23. Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.
#ExploitObserverAlert
CVE-2020-36774
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2020-36774. plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).
FIRST-EPSS: 0.000430000
CVE-2020-36774
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2020-36774. plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PSS-177171
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177171. Gentoo Linux Security Advisory 202402-16. Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.
PSS-177171
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177171. Gentoo Linux Security Advisory 202402-16. Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.
#ExploitObserverAlert
PSS-177170
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177170. Gentoo Linux Security Advisory 202402-15. Gentoo Linux Security Advisory 202402-15 - A vulnerability has been discovered in e2fsprogs which can lead to arbitrary code execution. Versions greater than or equal to 1.46.6 are affected.
PSS-177170
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177170. Gentoo Linux Security Advisory 202402-15. Gentoo Linux Security Advisory 202402-15 - A vulnerability has been discovered in e2fsprogs which can lead to arbitrary code execution. Versions greater than or equal to 1.46.6 are affected.
#ExploitObserverAlert
CVE-2024-25710
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25710. Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
CVE-2024-25710
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25710. Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
#ExploitObserverAlert
PSS-177185
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177185. Gentoo Linux Security Advisory 202402-25. Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.
PSS-177185
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177185. Gentoo Linux Security Advisory 202402-25. Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.
#ExploitObserverAlert
PSS-177168
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177168. User Registration And Login And User Management System 3.1 SQL Injection. User Registration and Login and User Management System version 3.1 suffers from a remote SQL injection vulnerability.
PSS-177168
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177168. User Registration And Login And User Management System 3.1 SQL Injection. User Registration and Login and User Management System version 3.1 suffers from a remote SQL injection vulnerability.
#ExploitObserverAlert
CVE-2024-26327
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26327. An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations.
FIRST-EPSS: 0.000430000
CVE-2024-26327
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26327. An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PSS-177177
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177177. Online Library Management System 3 Password Reset. Online Library Management System version 3 suffers from a password reset vulnerability due to a logic flaw of allowing the same email address to be set for multiple users.
PSS-177177
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177177. Online Library Management System 3 Password Reset. Online Library Management System version 3 suffers from a password reset vulnerability due to a logic flaw of allowing the same email address to be set for multiple users.
#ExploitObserverAlert
PSS-177182
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177182. Gentoo Linux Security Advisory 202402-24. Gentoo Linux Security Advisory 202402-24 - Multiple vulnerabilities have been discovered in Seamonkey, the worst of which can lead to remote code execution. Versions greater than or equal to 2.53.10.2 are affected.
PSS-177182
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177182. Gentoo Linux Security Advisory 202402-24. Gentoo Linux Security Advisory 202402-24 - Multiple vulnerabilities have been discovered in Seamonkey, the worst of which can lead to remote code execution. Versions greater than or equal to 2.53.10.2 are affected.
#ExploitObserverAlert
CVE-2024-26308
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26308. Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
CVE-2024-26308
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26308. Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
#ExploitObserverAlert
PSS-177174
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177174. Gentoo Linux Security Advisory 202402-17. Gentoo Linux Security Advisory 202402-17 - Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 2.4.7 are affected.
PSS-177174
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177174. Gentoo Linux Security Advisory 202402-17. Gentoo Linux Security Advisory 202402-17 - Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 2.4.7 are affected.
#ExploitObserverAlert
PSS-177188
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177188. Gentoo Linux Security Advisory 202402-26. Gentoo Linux Security Advisory 202402-26 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 115.7.0:esr are affected.
PSS-177188
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177188. Gentoo Linux Security Advisory 202402-26. Gentoo Linux Security Advisory 202402-26 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 115.7.0:esr are affected.
#ExploitObserverAlert
PSS-177186
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177186. Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass. This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass. This issue was addressed. The fix was short lived as the researcher found yet another third trivial bypass. Previously, the researcher disclosed 3 bypasses using rundll32 javascript, but this example leverages the VBSCRIPT and ActiveX engines.
PSS-177186
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177186. Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass. This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass. This issue was addressed. The fix was short lived as the researcher found yet another third trivial bypass. Previously, the researcher disclosed 3 bypasses using rundll32 javascript, but this example leverages the VBSCRIPT and ActiveX engines.