#ExploitObserverAlert
CVE-2024-26318
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26318. Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.
FIRST-EPSS: 0.000430000
CVE-2024-26318
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26318. Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PSS-177176
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177176. Gentoo Linux Security Advisory 202402-19. Gentoo Linux Security Advisory 202402-19 - A vulnerability has been discovered in libcaca which can lead to arbitrary code execution. Versions greater than or equal to 0.99_beta19-r4 are affected.
PSS-177176
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177176. Gentoo Linux Security Advisory 202402-19. Gentoo Linux Security Advisory 202402-19 - A vulnerability has been discovered in libcaca which can lead to arbitrary code execution. Versions greater than or equal to 0.99_beta19-r4 are affected.
#ExploitObserverAlert
PSS-177169
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177169. WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution. WonderCMS version 4.3.2 remote exploit that leverages cross site scripting to achieve remote code execution.
PSS-177169
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177169. WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution. WonderCMS version 4.3.2 remote exploit that leverages cross site scripting to achieve remote code execution.
#ExploitObserverAlert
PSS-177180
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177180. Gentoo Linux Security Advisory 202402-22. Gentoo Linux Security Advisory 202402-22 - Multiple vulnerabilities have been discovered in intel-microcode, the worst of which can lead to privilege escalation. Versions greater than or equal to 20230214_p20230212 are affected.
PSS-177180
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177180. Gentoo Linux Security Advisory 202402-22. Gentoo Linux Security Advisory 202402-22 - Multiple vulnerabilities have been discovered in intel-microcode, the worst of which can lead to privilege escalation. Versions greater than or equal to 20230214_p20230212 are affected.
#ExploitObserverAlert
PSS-177192
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177192. Gentoo Linux Security Advisory 202402-28. Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.
PSS-177192
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177192. Gentoo Linux Security Advisory 202402-28. Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.
#ExploitObserverAlert
PSS-177184
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177184. Gentoo Linux Security Advisory 202402-21. Gentoo Linux Security Advisory 202402-21 - Multiple vulnerabilities have been discovered in QtNetwork, the worst of which could lead to execution of arbitrary code. Versions greater than or equal to 6.6.1-r2 are affected.
PSS-177184
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177184. Gentoo Linux Security Advisory 202402-21. Gentoo Linux Security Advisory 202402-21 - Multiple vulnerabilities have been discovered in QtNetwork, the worst of which could lead to execution of arbitrary code. Versions greater than or equal to 6.6.1-r2 are affected.
#ExploitObserverAlert
PSS-177191
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177191. Debian Security Advisory 5626-1. Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.
PSS-177191
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177191. Debian Security Advisory 5626-1. Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.
#ExploitObserverAlert
CVE-2024-24722
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-24722. An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.
FIRST-EPSS: 0.000450000
CVE-2024-24722
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-24722. An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2022-48624
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2022-48624. close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
FIRST-EPSS: 0.000450000
CVE-2022-48624
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2022-48624. close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
PSS-177173
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177173. Employee Management System 1.0 SQL Injection. Employee Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.
PSS-177173
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177173. Employee Management System 1.0 SQL Injection. Employee Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.
#ExploitObserverAlert
PSS-177183
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177183. InstantCMS 2.16.1 Cross Site Scripting. InstantCMS version 2.16.1 suffers from a persistent cross site scripting vulnerability that appears to require administrative access.
PSS-177183
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177183. InstantCMS 2.16.1 Cross Site Scripting. InstantCMS version 2.16.1 suffers from a persistent cross site scripting vulnerability that appears to require administrative access.
#ExploitObserverAlert
PSS-177187
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177187. Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass. Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this post.
PSS-177187
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177187. Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass. Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this post.
#ExploitObserverAlert
PSS-177179
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177179. SureMDM On-Premise CAPTCHA Bypass / User Enumeration. SureMDM On-Premise versions prior to 6.31 suffer from CAPTCHA bypass and user enumeration vulnerabilities.
PSS-177179
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177179. SureMDM On-Premise CAPTCHA Bypass / User Enumeration. SureMDM On-Premise versions prior to 6.31 suffer from CAPTCHA bypass and user enumeration vulnerabilities.
#ExploitObserverAlert
PSS-177190
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177190. Gentoo Linux Security Advisory 202402-27. Gentoo Linux Security Advisory 202402-27 - A vulnerability has been discovered in Glade which can lead to a denial of service. Versions greater than or equal to 3.38.2 are affected.
PSS-177190
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177190. Gentoo Linux Security Advisory 202402-27. Gentoo Linux Security Advisory 202402-27 - A vulnerability has been discovered in Glade which can lead to a denial of service. Versions greater than or equal to 3.38.2 are affected.
#ExploitObserverAlert
PSS-177175
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177175. Gentoo Linux Security Advisory 202402-18. Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.
PSS-177175
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177175. Gentoo Linux Security Advisory 202402-18. Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.
#ExploitObserverAlert
CVE-2023-6260
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-6260. Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.
CVE-2023-6260
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-6260. Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.
#ExploitObserverAlert
CVE-2024-25978
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25978. Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
CVE-2024-25978
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25978. Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
#ExploitObserverAlert
CVE-2023-6259
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-6259. Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.
CVE-2023-6259
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-6259. Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.
#ExploitObserverAlert
CVE-2024-1597
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected.
CVE-2024-1597
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected.
#ExploitObserverAlert
CVE-2024-1635
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1635. A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
CVE-2024-1635
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1635. A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
#ExploitObserverAlert
CVE-2024-25983
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25983. Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
CVE-2024-25983
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25983. Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).