#ExploitObserverAlert
PD/http/cves/2021/CVE-2021-46418
DESCRIPTION: Exploit Observer has 12 entries in 6 file formats related to PD/http/cves/2021/CVE-2021-46418. An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
PD/http/cves/2021/CVE-2021-46418
DESCRIPTION: Exploit Observer has 12 entries in 6 file formats related to PD/http/cves/2021/CVE-2021-46418. An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
#ExploitObserverAlert
BDU:2024-02615
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to BDU:2024-02615. The vulnerability of the Grafana monitoring and observation platform, related to improper input sanitization during webpage creation, allows attackers to carry out cross-site scripting (XSS) attacks. The vulnerability of the Grafana monitoring and observation platform is associated with the presence of SVG files that were not properly sanitized, allowing arbitrary JavaScript execution in the context of the current authenticated user of the Grafana instance. Exploiting the vulnerability could enable a remote attacker to perform cross-site scripting (XSS) attacks.
BDU:2024-02615
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to BDU:2024-02615. The vulnerability of the Grafana monitoring and observation platform, related to improper input sanitization during webpage creation, allows attackers to carry out cross-site scripting (XSS) attacks. The vulnerability of the Grafana monitoring and observation platform is associated with the presence of SVG files that were not properly sanitized, allowing arbitrary JavaScript execution in the context of the current authenticated user of the Grafana instance. Exploiting the vulnerability could enable a remote attacker to perform cross-site scripting (XSS) attacks.
#ExploitObserverAlert
BDU:2024-02574
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02574. Software vulnerability in OpenVPN related to the use of memory after it has been freed, allowing an attacker to cause a denial of service. The software vulnerability in OpenVPN is related to using memory after it has been freed. Exploiting the vulnerability could enable a remote attacker to cause a denial of service.
BDU:2024-02574
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02574. Software vulnerability in OpenVPN related to the use of memory after it has been freed, allowing an attacker to cause a denial of service. The software vulnerability in OpenVPN is related to using memory after it has been freed. Exploiting the vulnerability could enable a remote attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02596
DESCRIPTION: Exploit Observer has 14 entries in 4 file formats related to BDU:2024-02596. The vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to an unauthorized entity, allows an attacker to expose protected information. The vulnerability of the Grafana monitoring and observation platform is linked to the forwarding of the OAuth identifier of the user who last logged into the system. Exploiting the vulnerability could allow a remote attacker to uncover protected information.
BDU:2024-02596
DESCRIPTION: Exploit Observer has 14 entries in 4 file formats related to BDU:2024-02596. The vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to an unauthorized entity, allows an attacker to expose protected information. The vulnerability of the Grafana monitoring and observation platform is linked to the forwarding of the OAuth identifier of the user who last logged into the system. Exploiting the vulnerability could allow a remote attacker to uncover protected information.
#ExploitObserverAlert
BDU:2024-02582
DESCRIPTION: Exploit Observer has 9 entries in 2 file formats related to BDU:2024-02582. A vulnerability in the modular interface between Rack web servers and web applications is related to the inefficient complexity of regular expressions, allowing an attacker to cause a denial of service. The vulnerability in the modular interface between Rack web servers and web applications is linked to input data processing, which could take an unexpected amount of time. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02582
DESCRIPTION: Exploit Observer has 9 entries in 2 file formats related to BDU:2024-02582. A vulnerability in the modular interface between Rack web servers and web applications is related to the inefficient complexity of regular expressions, allowing an attacker to cause a denial of service. The vulnerability in the modular interface between Rack web servers and web applications is linked to input data processing, which could take an unexpected amount of time. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02592
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to BDU:2024-02592. Vulnerability in the virtual learning environment Moodle, related to the exposure of confidential information to an unauthorized entity, allowing the intruder to gain unauthorized access to protected information. The vulnerability of the Moodle virtual learning environment is related to the absence of restricting the mode of separate groups in a summary report of the forum, which displayed users from other groups. Exploiting the vulnerability could allow a remote intruder to gain unauthorized access to protected information.
BDU:2024-02592
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to BDU:2024-02592. Vulnerability in the virtual learning environment Moodle, related to the exposure of confidential information to an unauthorized entity, allowing the intruder to gain unauthorized access to protected information. The vulnerability of the Moodle virtual learning environment is related to the absence of restricting the mode of separate groups in a summary report of the forum, which displayed users from other groups. Exploiting the vulnerability could allow a remote intruder to gain unauthorized access to protected information.
#ExploitObserverAlert
BDU:2024-02625
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02625. The vulnerability in the Vorbis-tools package, related to the possibility of writing beyond the memory buffer, allows an attacker to trigger a denial of service or execute arbitrary code. The vulnerability in the Vorbis-tools package is associated with the potential for writing beyond the memory buffer when converting WAV files to OGG files. Exploiting the vulnerability could allow an attacker to trigger a denial of service or execute arbitrary code.
BDU:2024-02625
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02625. The vulnerability in the Vorbis-tools package, related to the possibility of writing beyond the memory buffer, allows an attacker to trigger a denial of service or execute arbitrary code. The vulnerability in the Vorbis-tools package is associated with the potential for writing beyond the memory buffer when converting WAV files to OGG files. Exploiting the vulnerability could allow an attacker to trigger a denial of service or execute arbitrary code.
#ExploitObserverAlert
BDU:2024-02579
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to BDU:2024-02579. Vulnerability in the Range header analysis component of the modular interface between web servers and Rack web applications allows an attacker to cause a denial of service. The vulnerability in the Range header analysis component of the modular interface between web servers and Rack web applications is related to the processing of input data, which may take an unexpected amount of time. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02579
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to BDU:2024-02579. Vulnerability in the Range header analysis component of the modular interface between web servers and Rack web applications allows an attacker to cause a denial of service. The vulnerability in the Range header analysis component of the modular interface between web servers and Rack web applications is related to the processing of input data, which may take an unexpected amount of time. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02607
DESCRIPTION: Exploit Observer has 22 entries in 5 file formats related to BDU:2024-02607. The vulnerability of microcode software in Intel Xeon D processors, related to incorrect computation, allows an attacker to gain unauthorized access to protected information. This vulnerability in the microcode software of Intel Xeon D processors is linked to incorrect computation. Exploiting this vulnerability could enable an attacker to gain unauthorized access to protected information.
BDU:2024-02607
DESCRIPTION: Exploit Observer has 22 entries in 5 file formats related to BDU:2024-02607. The vulnerability of microcode software in Intel Xeon D processors, related to incorrect computation, allows an attacker to gain unauthorized access to protected information. This vulnerability in the microcode software of Intel Xeon D processors is linked to incorrect computation. Exploiting this vulnerability could enable an attacker to gain unauthorized access to protected information.
#ExploitObserverAlert
BDU:2024-02576
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to BDU:2024-02576. Vulnerability in the ZeroMQ asynchronous message exchange library, related to a stack buffer overflow on the server, allows an attacker to impact system confidentiality, integrity, and availability. The vulnerability in the ZeroMQ asynchronous message exchange library is associated with a stack buffer overflow on the server. Exploiting this vulnerability can enable a remote attacker to affect system confidentiality, integrity, and availability by sending specially crafted subscription requests to topics and then unsubscribing.
BDU:2024-02576
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to BDU:2024-02576. Vulnerability in the ZeroMQ asynchronous message exchange library, related to a stack buffer overflow on the server, allows an attacker to impact system confidentiality, integrity, and availability. The vulnerability in the ZeroMQ asynchronous message exchange library is associated with a stack buffer overflow on the server. Exploiting this vulnerability can enable a remote attacker to affect system confidentiality, integrity, and availability by sending specially crafted subscription requests to topics and then unsubscribing.
#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-29269
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-29269. Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
PD/http/cves/2024/CVE-2024-29269
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-29269. Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
#ExploitObserverAlert
BDU:2024-02616
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02616. Vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to an unauthorized party, allows an attacker to access confidential data. The vulnerability in the Grafana monitoring and observation platform is linked to the use of a forgotten password on the login page, which sends a POST request to the URL `/api/user/password/sent-reset-email`. Exploiting the vulnerability can allow a remote attacker to access confidential data.
BDU:2024-02616
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02616. Vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to an unauthorized party, allows an attacker to access confidential data. The vulnerability in the Grafana monitoring and observation platform is linked to the use of a forgotten password on the login page, which sends a POST request to the URL `/api/user/password/sent-reset-email`. Exploiting the vulnerability can allow a remote attacker to access confidential data.
#ExploitObserverAlert
BDU:2024-02590
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to BDU:2024-02590. There is a vulnerability in the Moodle virtual learning environment related to improper input neutralization during the creation of web pages, allowing an attacker to carry out cross-site scripting (XSS) attacks. The vulnerability in the Moodle virtual learning environment is associated with the lack of additional cleaning of Wiki comments. Exploiting this vulnerability could allow a remote attacker to conduct cross-site scripting (XSS) attacks.
BDU:2024-02590
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to BDU:2024-02590. There is a vulnerability in the Moodle virtual learning environment related to improper input neutralization during the creation of web pages, allowing an attacker to carry out cross-site scripting (XSS) attacks. The vulnerability in the Moodle virtual learning environment is associated with the lack of additional cleaning of Wiki comments. Exploiting this vulnerability could allow a remote attacker to conduct cross-site scripting (XSS) attacks.
#ExploitObserverAlert
BDU:2024-02571
DESCRIPTION: Exploit Observer has 18 entries in 2 file formats related to BDU:2024-02571. A vulnerability in the VMware Tools utility set, related to incorrect privilege assignment, allows an attacker to bypass existing security restrictions. The vulnerability in the VMware Tools utility set is associated with the vulnerability of intercepting the file descriptor in the vmware-user-suid-wrapper shell. Exploiting this vulnerability may allow a remote attacker to bypass existing security restrictions.
BDU:2024-02571
DESCRIPTION: Exploit Observer has 18 entries in 2 file formats related to BDU:2024-02571. A vulnerability in the VMware Tools utility set, related to incorrect privilege assignment, allows an attacker to bypass existing security restrictions. The vulnerability in the VMware Tools utility set is associated with the vulnerability of intercepting the file descriptor in the vmware-user-suid-wrapper shell. Exploiting this vulnerability may allow a remote attacker to bypass existing security restrictions.
#ExploitObserverAlert
BDU:2024-02618
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02618. The vulnerability of the Grafana monitoring and observation platform related to incorrect authentication allows an attacker to block login attempts. The vulnerability of the Grafana monitoring and observation platform is associated with registering someone else's email address as the username. Exploiting the vulnerability could allow a remote attacker to block login attempts.
BDU:2024-02618
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02618. The vulnerability of the Grafana monitoring and observation platform related to incorrect authentication allows an attacker to block login attempts. The vulnerability of the Grafana monitoring and observation platform is associated with registering someone else's email address as the username. Exploiting the vulnerability could allow a remote attacker to block login attempts.
#ExploitObserverAlert
BDU:2024-02573
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02573. Vulnerability in the Grafana monitoring and observation platform related to improper authorization allows an attacker to escalate their privileges. The vulnerability in the Grafana monitoring and observation platform is associated with improper authorization. Exploiting the vulnerability could enable a remote attacker to escalate their privileges.
BDU:2024-02573
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02573. Vulnerability in the Grafana monitoring and observation platform related to improper authorization allows an attacker to escalate their privileges. The vulnerability in the Grafana monitoring and observation platform is associated with improper authorization. Exploiting the vulnerability could enable a remote attacker to escalate their privileges.
#ExploitObserverAlert
BDU:2024-02609
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02609. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager allows an attacker to cause a denial of service. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager is related to the use of uninitialized variables when processing index.yaml and plugin.yaml files. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02609
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02609. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager allows an attacker to cause a denial of service. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager is related to the use of uninitialized variables when processing index.yaml and plugin.yaml files. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
PD/http/cves/2022/CVE-2022-41412
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to PD/http/cves/2022/CVE-2022-41412. An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
PD/http/cves/2022/CVE-2022-41412
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to PD/http/cves/2022/CVE-2022-41412. An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
#ExploitObserverAlert
BDU:2024-02627
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02627. The vulnerability in the Grafana monitoring and observation platform, associated with parallel execution using a shared resource with incorrect synchronization, allows an attacker to elevate their privileges. The vulnerability in the Grafana monitoring and observation platform is related to registering a foreign email address as a username. Exploiting the vulnerability could allow a remote attacker to escalate their privileges.
BDU:2024-02627
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02627. The vulnerability in the Grafana monitoring and observation platform, associated with parallel execution using a shared resource with incorrect synchronization, allows an attacker to elevate their privileges. The vulnerability in the Grafana monitoring and observation platform is related to registering a foreign email address as a username. Exploiting the vulnerability could allow a remote attacker to escalate their privileges.
#ExploitObserverAlert
BDU:2024-02593
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02593. Vulnerability of the Grafana monitoring and observability platform, related to exposing confidential information to an unauthorized entity, allows an attacker to gain unauthorized access to protected information. The vulnerability of the Grafana monitoring and observability platform is associated with the ability to search for JWT in the auth_token URL query parameter and use it as an authentication token. Exploiting this vulnerability may enable a remote attacker to gain unauthorized access to protected information.
BDU:2024-02593
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02593. Vulnerability of the Grafana monitoring and observability platform, related to exposing confidential information to an unauthorized entity, allows an attacker to gain unauthorized access to protected information. The vulnerability of the Grafana monitoring and observability platform is associated with the ability to search for JWT in the auth_token URL query parameter and use it as an authentication token. Exploiting this vulnerability may enable a remote attacker to gain unauthorized access to protected information.
#ExploitObserverAlert
BDU:2024-02648
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02648. The vulnerability of the open-source Kubernetes data orchestrator and accelerator for data-intensive Fluid applications is related to improper authorization, allowing an attacker to gain full privileged access to the entire cluster. Exploiting this vulnerability can enable an attacker to gain full privileged access to the entire cluster.
BDU:2024-02648
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02648. The vulnerability of the open-source Kubernetes data orchestrator and accelerator for data-intensive Fluid applications is related to improper authorization, allowing an attacker to gain full privileged access to the entire cluster. Exploiting this vulnerability can enable an attacker to gain full privileged access to the entire cluster.