ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
#ExploitObserverAlert

CVE-2023-39541

DESCRIPTION: Exploit Observer has 1 entry in 1 file format related to CVE-2023-39541. A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability. This vulnerability concerns a denial of service within the parsing of an IPv6 ICMPv6 packet.

NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert

CVE-2024-26267

DESCRIPTION: Exploit Observer has 1 entry in 1 file format related to CVE-2024-26267. In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4 before update 26, 7.3 before update 5, 7.2 before fix pack 19, and older unsupported versions, the default value of the portal property `http.header.version.verbosity` is set to `full`, which allows remote attackers to easily identify the version of the application that is running and the vulnerabilities that affect that version via the `Liferay-Portal` response header.
#ExploitObserverAlert

GHSA-8h95-jcp5-pjpr

DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to GHSA-8h95-jcp5-pjpr. Improper Validation of Array Index in github.com/greenpau/caddy-security
#ExploitObserverAlert

CVE-2023-45318

DESCRIPTION: Exploit Observer has 1 entry in 1 file format related to CVE-2023-45318. A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.

NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert

GHSA-4g9r-vxhx-9pgx

DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-4g9r-vxhx-9pgx. Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
#ExploitObserverAlert

CVE-2024-25197

DESCRIPTION: Exploit Observer has 1 entry in 1 file format related to CVE-2024-25197. Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp.
#ExploitObserverAlert

GHSA-w3w6-26f2-p474

DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to GHSA-w3w6-26f2-p474. Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
#ExploitObserverAlert

GHSA-ff2w-wm48-jhqj

DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to GHSA-ff2w-wm48-jhqj. Arbitrary File Read Vulnerability in Apache Dolphinscheduler
#ExploitObserverAlert

GHSA-cp68-qrhr-g9h8

DESCRIPTION: Exploit Observer has 1 entry in 1 file format related to GHSA-cp68-qrhr-g9h8. MeshCentral cross-site websocket hijacking (CSWSH) vulnerability
#ExploitObserverAlert

GHSA-qwxx-xww6-8q8m

DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to GHSA-qwxx-xww6-8q8m. Remote Code Execution in Apache Dolphinscheduler
#ExploitObserverAlert

GHSA-c9vv-fhgv-cjc3

DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-c9vv-fhgv-cjc3. agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate`
#ExploitObserverAlert

PD/http/cves/2024/CVE-2024-1209

DESCRIPTION: Exploit Observer has 8 entries in 5 file formats related to PD/http/cves/2024/CVE-2024-1209. The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads.
#ExploitObserverAlert

GHSA-vjqc-g788-f378

DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to GHSA-vjqc-g788-f378. Session Fixation Apache DolphinScheduler
#ExploitObserverAlert

GHSA-p3rv-qj56-2fqx

DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-p3rv-qj56-2fqx. Cross-site Scripting in Pyhtml2pdf
#ExploitObserverAlert

GHSA-5rwm-2xw8-hh9p

DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-5rwm-2xw8-hh9p. Deserialization of Untrusted Data in Torrentpier
#ExploitObserverAlert

GHSA-3jcv-5f9p-2f2p

DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-3jcv-5f9p-2f2p. Cross-site Scripting in electron-pdf
#ExploitObserverAlert

GHSA-m43p-55rf-8c2j

DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to GHSA-m43p-55rf-8c2j. Deserialization of Untrusted Data in Apache Camel CassandraQL
#ExploitObserverAlert

PD/http/cves/2024/CVE-2024-1210

DESCRIPTION: Exploit Observer has 8 entries in 5 file formats related to PD/http/cves/2024/CVE-2024-1210. The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes.
#ExploitObserverAlert

GHSA-x5pm-h33q-cjrw

DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-x5pm-h33q-cjrw. Improper Certificate Validation in apache airflow mongo hook
#ExploitObserverAlert

GHSA-37gx-jqx9-fwmg

DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-37gx-jqx9-fwmg. Improper Certificate Validation in Apache DolphinScheduler
#ExploitObserverAlert

GHSA-375g-39jq-vq7m

DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-375g-39jq-vq7m. Potential buffer overflow in CBOR2 decoder