#ExploitObserverAlert
PSS-177175
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177175. Gentoo Linux Security Advisory 202402-18. Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.
#ExploitObserverAlert
CVE-2023-6260
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-6260. Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security. This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.
#ExploitObserverAlert
CVE-2024-25978
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25978. Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
#ExploitObserverAlert
CVE-2023-6259
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-6259. Insufficiently Protected Credentials, Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security. This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.
#ExploitObserverAlert
CVE-2024-1597
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows an attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query, bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected.
#ExploitObserverAlert
CVE-2024-1635
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1635. A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
#ExploitObserverAlert
CVE-2024-25983
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25983. Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
#ExploitObserverAlert
CVE-2024-25980
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25980. Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.
#ExploitObserverAlert
CVE-2024-1346
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1346. Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.
#ExploitObserverAlert
EDB-51800
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51800. XAMPP - Buffer Overflow POC
#ExploitObserverAlert
CVE-2024-1633
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1633. During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which is based on a 32-bit unsigned integer value, it can result in an integer overflow. An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot. Affected git version from c2f286820471ed276c57e603762bd831873e5a17 until (not
#ExploitObserverAlert
PD/http/vulnerabilities/generic/xss-fuzz
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/generic/xss-fuzz. Cross-site scripting was discovered via a search for reflected parameter values in the server response via GET-requests.
#ExploitObserverAlert
EDB-51801
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51801. Microsoft Windows Defender Bypass - Detection Mitigation Bypass
#ExploitObserverAlert
CVE-2024-25981
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25981. Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers.
#ExploitObserverAlert
EDB-51805
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51805. Wondercms 4.3.2 - XSS to RCE
#ExploitObserverAlert
EDB-51802
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51802. Microsoft Windows Defender - VBScript Detection Bypass
#ExploitObserverAlert
CVE-2024-25979
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25979. The URL parameters accepted by forum search were not limited to the allowed parameters.
#ExploitObserverAlert
CVE-2024-1344
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1344. Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of 'LOF_service.exe' and 'LaborOfficeFree.exe' located in the '%programfiles(x86)%\LaborOfficeFree\' directory. This user can log in remotely and has root-like privileges.
#ExploitObserverAlert
CVE-2024-1580
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1580. An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
#ExploitObserverAlert
CVE-2024-1343
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1343. A weak permission was found in the backup directory in LaborOfficeFree affecting version 19.10. This vulnerability allows any authenticated user to read backup files in the directory '%programfiles(x86)%\LaborOfficeFree\BackUp'.
#ExploitObserverAlert
CVE-2024-25625
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25625. Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been discovered in `pimcore/admin-ui-classic-bundle` prior to version 1.3.4. The vulnerability involves a Host Header Injection in the `invitationLinkAction` function of the UserController, specifically in the way `$loginUrl` trusts user input. The host header from incoming HTTP requests is used unsafely when generating URLs. An attacker can manipulate the HTTP host header in requests to the /admin/user/invitationlink endpoint, resulting in the generation of URLs with the attacker's domain. In fact, if a host header is injected in the POST request, the $loginURL parameter is constructed with this unvalidated host header. It is then used to send an invitation email to the provided user. This vulnerability can be used to perform phishing attacks by making the URLs in the invitation links emails point to an attacker-controlled domain. Version 1.3.4 contains a patch for the vulnerability. The maintainers recommend validating the host header and ensuring it matches the application's domain. It would also be beneficial to use a default trusted host or hostname if the incoming host header is not recognized or is absent.