#ExploitObserverAlert
CVE-2024-22254
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-22254. VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
CVE-2024-22254
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-22254. VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
#ExploitObserverAlert
CVE-2024-22255
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-22255. VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
CVE-2024-22255
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-22255. VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
#ExploitObserverAlert
EDB-51857
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51857. Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS
EDB-51857
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51857. Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS
#ExploitObserverAlert
GHSA-jw44-4f3j-q396
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to GHSA-jw44-4f3j-q396. Helm shows secrets in clear text
GHSA-jw44-4f3j-q396
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to GHSA-jw44-4f3j-q396. Helm shows secrets in clear text
#ExploitObserverAlert
CVE-2024-23225
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-23225. A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
CVE-2024-23225
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-23225. A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
#ExploitObserverAlert
CVE-2024-24783
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-24783. Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
FIRST-EPSS: 0.000450000
CVE-2024-24783
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-24783. Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-27198
DESCRIPTION: Exploit Observer has 69 entries in 7 file formats related to PD/http/cves/2024/CVE-2024-27198. In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
PD/http/cves/2024/CVE-2024-27198
DESCRIPTION: Exploit Observer has 69 entries in 7 file formats related to PD/http/cves/2024/CVE-2024-27198. In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-27199
DESCRIPTION: Exploit Observer has 9 entries in 6 file formats related to PD/http/cves/2024/CVE-2024-27199. In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
PD/http/cves/2024/CVE-2024-27199
DESCRIPTION: Exploit Observer has 9 entries in 6 file formats related to PD/http/cves/2024/CVE-2024-27199. In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
#ExploitObserverAlert
CVE-2023-45290
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-45290. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
FIRST-EPSS: 0.000450000
CVE-2023-45290
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-45290. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2023-45289
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-45289. When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
FIRST-EPSS: 0.000450000
CVE-2023-45289
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-45289. When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
PD/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update. There is an unauthorized administrator password modification vulnerability in UF Chanjet T+ RecoverPassword.aspx. An attacker can use this vulnerability to modify the administrator account password to log in to the backend.
PD/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update. There is an unauthorized administrator password modification vulnerability in UF Chanjet T+ RecoverPassword.aspx. An attacker can use this vulnerability to modify the administrator account password to log in to the backend.
#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-27497
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-27497. Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file.
PD/http/cves/2024/CVE-2024-27497
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-27497. Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file.
#ExploitObserverAlert
PD/http/vulnerabilities/other/lucee-unset-credentials
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/other/lucee-unset-credentials. The Lucee admin panel has a first-time setup page which allows any user to set the administrator password.
PD/http/vulnerabilities/other/lucee-unset-credentials
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/other/lucee-unset-credentials. The Lucee admin panel has a first-time setup page which allows any user to set the administrator password.
#ExploitObserverAlert
CVE-2024-20335
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20335. A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
FIRST-EPSS: 0.000430000
CVE-2024-20335
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20335. A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-20301
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20301. A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions.
FIRST-EPSS: 0.000430000
CVE-2024-20301
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20301. A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-20338
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20338. A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.
FIRST-EPSS: 0.000430000
CVE-2024-20338
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20338. A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
WLB-2024030012
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030012. elFinder Web file manager Version 2.1.53 Remote Command Execution.
WLB-2024030012
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030012. elFinder Web file manager Version 2.1.53 Remote Command Execution.
#ExploitObserverAlert
EDB-51865
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51865. GLiNet - Router Authentication Bypass
EDB-51865
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51865. GLiNet - Router Authentication Bypass
#ExploitObserverAlert
EDB-51864
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51864. elFinder Web file manager Version - 2.1.53 Remote Command Execution
EDB-51864
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51864. elFinder Web file manager Version - 2.1.53 Remote Command Execution
#ExploitObserverAlert
CVE-2024-2176
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2176. Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000430000
CVE-2024-2176
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2176. Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
WLB-2024030010
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030010. Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal.
WLB-2024030010
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030010. Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal.