#ExploitObserverAlert
PSS-177225
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177225. Ubuntu Security Notice USN-6645-1. Ubuntu Security Notice 6645-1 - It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service.
PSS-177225
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177225. Ubuntu Security Notice USN-6645-1. Ubuntu Security Notice 6645-1 - It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service.
#ExploitObserverAlert
ZDI-24-188
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-188. Trimble SketchUp SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-188
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-188. Trimble SketchUp SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
#ExploitObserverAlert
ZDI-24-186
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-186. Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-186
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-186. Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
#ExploitObserverAlert
PSS-177234
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177234. Botan C++ Crypto Algorithms Library 2.19.4. Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 2.19.x release.
PSS-177234
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177234. Botan C++ Crypto Algorithms Library 2.19.4. Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 2.19.x release.
#ExploitObserverAlert
PSS-177219
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177219. Red Hat Security Advisory 2024-0837-03. Red Hat Security Advisory 2024-0837-03 - Red Hat OpenShift Container Platform release 4.14.13 is now available with updates to packages and images that fix several bugs and add enhancements.
PSS-177219
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177219. Red Hat Security Advisory 2024-0837-03. Red Hat Security Advisory 2024-0837-03 - Red Hat OpenShift Container Platform release 4.14.13 is now available with updates to packages and images that fix several bugs and add enhancements.
#ExploitObserverAlert
ZDI-24-189
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-189. Trimble SketchUp SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3.
ZDI-24-189
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-189. Trimble SketchUp SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3.
#ExploitObserverAlert
PSS-177226
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177226. Fuelflow 1.0 SQL Injection. Fuelflow version 1.0 suffers from a remote SQL injection vulnerability.
PSS-177226
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177226. Fuelflow 1.0 SQL Injection. Fuelflow version 1.0 suffers from a remote SQL injection vulnerability.
#ExploitObserverAlert
ZDI-24-184
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-184. Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50232.
ZDI-24-184
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-184. Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50232.
#ExploitObserverAlert
GHSA-24rp-q3w6-vc56
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-24rp-q3w6-vc56. org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
GHSA-24rp-q3w6-vc56
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-24rp-q3w6-vc56. org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
#ExploitObserverAlert
GHSA-84xv-jfrm-h4gm
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-84xv-jfrm-h4gm. registry-supper Path Traversal vulnerability
GHSA-84xv-jfrm-h4gm
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-84xv-jfrm-h4gm. registry-supper Path Traversal vulnerability
#ExploitObserverAlert
GHSA-rwhv-hvj2-qrqm
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-rwhv-hvj2-qrqm. Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting
GHSA-rwhv-hvj2-qrqm
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-rwhv-hvj2-qrqm. Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting
#ExploitObserverAlert
GHSA-hgr6-6hhw-883f
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-hgr6-6hhw-883f. Liferay Portal Calendar module and Liferay DXP vulnerable to Cross-site Scripting, content spoofing
GHSA-hgr6-6hhw-883f
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-hgr6-6hhw-883f. Liferay Portal Calendar module and Liferay DXP vulnerable to Cross-site Scripting, content spoofing
#ExploitObserverAlert
GHSA-r48h-jr2j-9g78
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to GHSA-r48h-jr2j-9g78. HashiCorp Terraform Amazon Web Services (AWS) uses an insecure PRNG
GHSA-r48h-jr2j-9g78
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to GHSA-r48h-jr2j-9g78. HashiCorp Terraform Amazon Web Services (AWS) uses an insecure PRNG
#ExploitObserverAlert
CVE-2023-51828
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51828. A SQL Injection vulnerability in /admin/convert/export.class.php in PMB 7.4.7 and earlier versions allows remote unauthenticated attackers to execute arbitrary SQL commands via the query parameter in get_next_notice function.
CVE-2023-51828
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51828. A SQL Injection vulnerability in /admin/convert/export.class.php in PMB 7.4.7 and earlier versions allows remote unauthenticated attackers to execute arbitrary SQL commands via the query parameter in get_next_notice function.
#ExploitObserverAlert
CVE-2024-1474
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1474. In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs on the WS_FTP Server administrative interface.
CVE-2024-1474
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1474. In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs on the WS_FTP Server administrative interface.
#ExploitObserverAlert
CVE-2024-25894
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25894. ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection (Time-based) via the EventCount POST parameter.
CVE-2024-25894
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25894. ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection (Time-based) via the EventCount POST parameter.
#ExploitObserverAlert
GHSA-43v2-6grp-9pp9
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to GHSA-43v2-6grp-9pp9. Apache Tomcat does not enforce the maxHttpHeaderSize limit
GHSA-43v2-6grp-9pp9
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to GHSA-43v2-6grp-9pp9. Apache Tomcat does not enforce the maxHttpHeaderSize limit
#ExploitObserverAlert
CVE-2024-1702
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1702. A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254390 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-1702
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1702. A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254390 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2024-26584
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26584. In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRESS in valid situations. For example, when the cryptd queue for AESNI is full (easy to trigger with an artificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued to the backlog but still processed. In that case, the async callback will also be called twice: first with err == -EINPROGRESS, which it seems we can just ignore, then with err == 0. Compared to Sabrina's original patch this version uses the new tls_*crypt_async_wait() helpers and converts the EBUSY to EINPROGRESS to avoid having to modify all the error handling paths. The handling is identical.
CVE-2024-26584
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26584. In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRESS in valid situations. For example, when the cryptd queue for AESNI is full (easy to trigger with an artificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued to the backlog but still processed. In that case, the async callback will also be called twice: first with err == -EINPROGRESS, which it seems we can just ignore, then with err == 0. Compared to Sabrina's original patch this version uses the new tls_*crypt_async_wait() helpers and converts the EBUSY to EINPROGRESS to avoid having to modify all the error handling paths. The handling is identical.
#ExploitObserverAlert
CVE-2022-45179
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2022-45179. An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user (authenticated to the product) can store arbitrary HTML code in the reminder section title in order to corrupt the web page (for example, by creating phishing sections to exfiltrate victims' credentials).
CVE-2022-45179
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2022-45179. An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user (authenticated to the product) can store arbitrary HTML code in the reminder section title in order to corrupt the web page (for example, by creating phishing sections to exfiltrate victims' credentials).
#ExploitObserverAlert
CVE-2023-49100
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-49100. Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however.
CVE-2023-49100
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-49100. Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however.