#ExploitObserverAlert
CVE-2023-52440
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52440. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy to session key array from SessionKey from client.
FIRST-EPSS: 0.000450000
CVE-2023-52440
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52440. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy to session key array from SessionKey from client.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2023-42498
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42498. Reflected cross-site scripting (XSS) vulnerability in the Language Override edit screen in Liferay Portal 7.4.3.8 through 7.4.3.97, and Liferay DXP 2023.Q3 before patch 5, and 7.4 update 4 through 92 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_portal_language_override_web_internal_portlet_PLOPortlet_key parameter.
FIRST-EPSS: 0.000430000
CVE-2023-42498
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42498. Reflected cross-site scripting (XSS) vulnerability in the Language Override edit screen in Liferay Portal 7.4.3.8 through 7.4.3.97, and Liferay DXP 2023.Q3 before patch 5, and 7.4 update 4 through 92 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_portal_language_override_web_internal_portlet_PLOPortlet_key parameter.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2023-42859
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42859. The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.
FIRST-EPSS: 0.000450000
CVE-2023-42859
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42859. The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2024-24837
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2024-24837. Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0.
FIRST-EPSS: 0.000450000
CVE-2024-24837
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2024-24837. Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2024-0407
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0407. Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store.
FIRST-EPSS: 0.000430000
CVE-2024-0407
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0407. Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2023-42953
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42953. A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.
FIRST-EPSS: 0.000450000
CVE-2023-42953
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42953. A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2023-42853
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42853. A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.
FIRST-EPSS: 0.000450000
CVE-2023-42853
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42853. A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2024-1670
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1670. Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000430000
CVE-2024-1670
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1670. Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-25603
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25603. Stored cross-site scripting (XSS) vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML via the instanceId parameter.
FIRST-EPSS: 0.000430000
CVE-2024-25603
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25603. Stored cross-site scripting (XSS) vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML via the instanceId parameter.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-1501
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1501. The Database Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.22. This is due to missing or incorrect nonce validation on the install_wpr() function. This makes it possible for unauthenticated attackers to install the WP Reset Plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
FIRST-EPSS: 0.000450000
CVE-2024-1501
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1501. The Database Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.22. This is due to missing or incorrect nonce validation on the install_wpr() function. This makes it possible for unauthenticated attackers to install the WP Reset Plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2023-52441
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52441. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in init_smb2_rsp_hdr() If client send smb2 negotiate request and then send smb1 negotiate request, init_smb2_rsp_hdr is called for smb1 negotiate request since need_neg is set to false. This patch ignore smb1 packets after ->need_neg is set to false.
FIRST-EPSS: 0.000450000
CVE-2023-52441
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52441. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in init_smb2_rsp_hdr() If client send smb2 negotiate request and then send smb1 negotiate request, init_smb2_rsp_hdr is called for smb1 negotiate request since need_neg is set to false. This patch ignore smb1 packets after ->need_neg is set to false.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2024-0593
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0593. The Simple Job Board plugin for WordPress is vulnerable to unauthorized access of data| due to insufficient authorization checking on the fetch_quick_job() function in all versions up to, and including, 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be password protected or private and contain sensitive information.
FIRST-EPSS: 0.000430000
CVE-2024-0593
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-0593. The Simple Job Board plugin for WordPress is vulnerable to unauthorized access of data| due to insufficient authorization checking on the fetch_quick_job() function in all versions up to, and including, 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be password protected or private and contain sensitive information.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
PSS-177232
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177232. Ubuntu Security Notice USN-6647-1. Ubuntu Security Notice 6647-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
PSS-177232
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177232. Ubuntu Security Notice USN-6647-1. Ubuntu Security Notice 6647-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
#ExploitObserverAlert
PSS-177235
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177235. Botan C++ Crypto Algorithms Library 3.3.0. Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 3.x.x release.
PSS-177235
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177235. Botan C++ Crypto Algorithms Library 3.3.0. Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 3.x.x release.
#ExploitObserverAlert
PSS-177233
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177233. OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation. OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities.
PSS-177233
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177233. OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation. OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities.
#ExploitObserverAlert
ZDI-24-192
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to ZDI-24-192. Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-0865.
ZDI-24-192
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to ZDI-24-192. Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-0865.
#ExploitObserverAlert
PSS-177228
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177228. Ubuntu Security Notice USN-6584-2. Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
PSS-177228
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177228. Ubuntu Security Notice USN-6584-2. Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
#ExploitObserverAlert
GHSA-6vqw-3v5j-54x4
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-6vqw-3v5j-54x4. cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
GHSA-6vqw-3v5j-54x4
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-6vqw-3v5j-54x4. cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
#ExploitObserverAlert
PSS-177224
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177224. ITFlow Cross Site Request Forgery. ITFlow versions prior to commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 suffer from a cross site request forgery vulnerability.
PSS-177224
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177224. ITFlow Cross Site Request Forgery. ITFlow versions prior to commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 suffer from a cross site request forgery vulnerability.
#ExploitObserverAlert
PSS-177222
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177222. Red Hat Security Advisory 2024-0930-03. Red Hat Security Advisory 2024-0930-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, null pointer, out of bounds access, privilege escalation, and use-after-free vulnerabilities.
PSS-177222
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177222. Red Hat Security Advisory 2024-0930-03. Red Hat Security Advisory 2024-0930-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, null pointer, out of bounds access, privilege escalation, and use-after-free vulnerabilities.
#ExploitObserverAlert
ZDI-24-187
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-187. Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-187
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-187. Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.