#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-29269
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-29269. Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
PD/http/cves/2024/CVE-2024-29269
DESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-29269. Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
#ExploitObserverAlert
BDU:2024-02616
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02616. Vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to an unauthorized party, allows an attacker to access confidential data. The vulnerability in the Grafana monitoring and observation platform is linked to the use of a forgotten password on the login page, which sends a POST request to the URL `/api/user/password/sent-reset-email`. Exploiting the vulnerability can allow a remote attacker to access confidential data.
BDU:2024-02616
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02616. Vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to an unauthorized party, allows an attacker to access confidential data. The vulnerability in the Grafana monitoring and observation platform is linked to the use of a forgotten password on the login page, which sends a POST request to the URL `/api/user/password/sent-reset-email`. Exploiting the vulnerability can allow a remote attacker to access confidential data.
#ExploitObserverAlert
BDU:2024-02590
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to BDU:2024-02590. There is a vulnerability in the Moodle virtual learning environment related to improper input neutralization during the creation of web pages, allowing an attacker to carry out cross-site scripting (XSS) attacks. The vulnerability in the Moodle virtual learning environment is associated with the lack of additional cleaning of Wiki comments. Exploiting this vulnerability could allow a remote attacker to conduct cross-site scripting (XSS) attacks.
BDU:2024-02590
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to BDU:2024-02590. There is a vulnerability in the Moodle virtual learning environment related to improper input neutralization during the creation of web pages, allowing an attacker to carry out cross-site scripting (XSS) attacks. The vulnerability in the Moodle virtual learning environment is associated with the lack of additional cleaning of Wiki comments. Exploiting this vulnerability could allow a remote attacker to conduct cross-site scripting (XSS) attacks.
#ExploitObserverAlert
BDU:2024-02571
DESCRIPTION: Exploit Observer has 18 entries in 2 file formats related to BDU:2024-02571. A vulnerability in the VMware Tools utility set, related to incorrect privilege assignment, allows an attacker to bypass existing security restrictions. The vulnerability in the VMware Tools utility set is associated with the vulnerability of intercepting the file descriptor in the vmware-user-suid-wrapper shell. Exploiting this vulnerability may allow a remote attacker to bypass existing security restrictions.
BDU:2024-02571
DESCRIPTION: Exploit Observer has 18 entries in 2 file formats related to BDU:2024-02571. A vulnerability in the VMware Tools utility set, related to incorrect privilege assignment, allows an attacker to bypass existing security restrictions. The vulnerability in the VMware Tools utility set is associated with the vulnerability of intercepting the file descriptor in the vmware-user-suid-wrapper shell. Exploiting this vulnerability may allow a remote attacker to bypass existing security restrictions.
#ExploitObserverAlert
BDU:2024-02618
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02618. The vulnerability of the Grafana monitoring and observation platform related to incorrect authentication allows an attacker to block login attempts. The vulnerability of the Grafana monitoring and observation platform is associated with registering someone else's email address as the username. Exploiting the vulnerability could allow a remote attacker to block login attempts.
BDU:2024-02618
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to BDU:2024-02618. The vulnerability of the Grafana monitoring and observation platform related to incorrect authentication allows an attacker to block login attempts. The vulnerability of the Grafana monitoring and observation platform is associated with registering someone else's email address as the username. Exploiting the vulnerability could allow a remote attacker to block login attempts.
#ExploitObserverAlert
BDU:2024-02573
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02573. Vulnerability in the Grafana monitoring and observation platform related to improper authorization allows an attacker to escalate their privileges. The vulnerability in the Grafana monitoring and observation platform is associated with improper authorization. Exploiting the vulnerability could enable a remote attacker to escalate their privileges.
BDU:2024-02573
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02573. Vulnerability in the Grafana monitoring and observation platform related to improper authorization allows an attacker to escalate their privileges. The vulnerability in the Grafana monitoring and observation platform is associated with improper authorization. Exploiting the vulnerability could enable a remote attacker to escalate their privileges.
#ExploitObserverAlert
BDU:2024-02609
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02609. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager allows an attacker to cause a denial of service. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager is related to the use of uninitialized variables when processing index.yaml and plugin.yaml files. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02609
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02609. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager allows an attacker to cause a denial of service. The vulnerability of the LoadIndexFile() and DownloadIndexFile() functions in the repo package and the LoadDir() function in the plugin package of the Kubernetes Helm package manager is related to the use of uninitialized variables when processing index.yaml and plugin.yaml files. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
PD/http/cves/2022/CVE-2022-41412
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to PD/http/cves/2022/CVE-2022-41412. An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
PD/http/cves/2022/CVE-2022-41412
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to PD/http/cves/2022/CVE-2022-41412. An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
#ExploitObserverAlert
BDU:2024-02627
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02627. The vulnerability in the Grafana monitoring and observation platform, associated with parallel execution using a shared resource with incorrect synchronization, allows an attacker to elevate their privileges. The vulnerability in the Grafana monitoring and observation platform is related to registering a foreign email address as a username. Exploiting the vulnerability could allow a remote attacker to escalate their privileges.
BDU:2024-02627
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02627. The vulnerability in the Grafana monitoring and observation platform, associated with parallel execution using a shared resource with incorrect synchronization, allows an attacker to elevate their privileges. The vulnerability in the Grafana monitoring and observation platform is related to registering a foreign email address as a username. Exploiting the vulnerability could allow a remote attacker to escalate their privileges.
#ExploitObserverAlert
BDU:2024-02593
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02593. Vulnerability of the Grafana monitoring and observability platform, related to exposing confidential information to an unauthorized entity, allows an attacker to gain unauthorized access to protected information. The vulnerability of the Grafana monitoring and observability platform is associated with the ability to search for JWT in the auth_token URL query parameter and use it as an authentication token. Exploiting this vulnerability may enable a remote attacker to gain unauthorized access to protected information.
BDU:2024-02593
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to BDU:2024-02593. Vulnerability of the Grafana monitoring and observability platform, related to exposing confidential information to an unauthorized entity, allows an attacker to gain unauthorized access to protected information. The vulnerability of the Grafana monitoring and observability platform is associated with the ability to search for JWT in the auth_token URL query parameter and use it as an authentication token. Exploiting this vulnerability may enable a remote attacker to gain unauthorized access to protected information.
#ExploitObserverAlert
BDU:2024-02648
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02648. The vulnerability of the open-source Kubernetes data orchestrator and accelerator for data-intensive Fluid applications is related to improper authorization, allowing an attacker to gain full privileged access to the entire cluster. Exploiting this vulnerability can enable an attacker to gain full privileged access to the entire cluster.
BDU:2024-02648
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02648. The vulnerability of the open-source Kubernetes data orchestrator and accelerator for data-intensive Fluid applications is related to improper authorization, allowing an attacker to gain full privileged access to the entire cluster. Exploiting this vulnerability can enable an attacker to gain full privileged access to the entire cluster.
#ExploitObserverAlert
BDU:2024-02575
DESCRIPTION: Exploit Observer has 15 entries in 5 file formats related to BDU:2024-02575. The vulnerability in the Grafana monitoring and observation platform, associated with improper input neutralization during webpage creation, allows an attacker to conduct cross-site scripting (XSS) attacks. The vulnerability in the Grafana monitoring and observation platform is related to the need to select a forged function and hover the mouse pointer over the description. Exploiting the vulnerability can enable a remote attacker to carry out cross-site scripting (XSS) attacks.
BDU:2024-02575
DESCRIPTION: Exploit Observer has 15 entries in 5 file formats related to BDU:2024-02575. The vulnerability in the Grafana monitoring and observation platform, associated with improper input neutralization during webpage creation, allows an attacker to conduct cross-site scripting (XSS) attacks. The vulnerability in the Grafana monitoring and observation platform is related to the need to select a forged function and hover the mouse pointer over the description. Exploiting the vulnerability can enable a remote attacker to carry out cross-site scripting (XSS) attacks.
#ExploitObserverAlert
BDU:2024-02577
DESCRIPTION: Exploit Observer has 14 entries in 3 file formats related to BDU:2024-02577. The vulnerability in the bgpd/bgp_packet.c file of the FRRouting network routing implementation software on Unix-like systems allows an attacker to cause a denial of service. The vulnerability in the bgpd/bgp_packet.c file of the FRRouting network routing implementation software on Unix-like systems is related to the processing of NLRI when the attribute length is zero. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02577
DESCRIPTION: Exploit Observer has 14 entries in 3 file formats related to BDU:2024-02577. The vulnerability in the bgpd/bgp_packet.c file of the FRRouting network routing implementation software on Unix-like systems allows an attacker to cause a denial of service. The vulnerability in the bgpd/bgp_packet.c file of the FRRouting network routing implementation software on Unix-like systems is related to the processing of NLRI when the attribute length is zero. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02584
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to BDU:2024-02584. Vulnerability in the RabbitMQ message broker due to the lack of restriction in the HTTP API on the size of the HTTP request body, allowing an attacker to cause a denial of service. The vulnerability in the RabbitMQ message broker is related to the absence of restrictions in the HTTP API on the size of the HTTP request body, making it vulnerable to very large messages. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02584
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to BDU:2024-02584. Vulnerability in the RabbitMQ message broker due to the lack of restriction in the HTTP API on the size of the HTTP request body, allowing an attacker to cause a denial of service. The vulnerability in the RabbitMQ message broker is related to the absence of restrictions in the HTTP API on the size of the HTTP request body, making it vulnerable to very large messages. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
PD/http/cves/2021/CVE-2021-46419
DESCRIPTION: Exploit Observer has 12 entries in 6 file formats related to PD/http/cves/2021/CVE-2021-46419. An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.
PD/http/cves/2021/CVE-2021-46419
DESCRIPTION: Exploit Observer has 12 entries in 6 file formats related to PD/http/cves/2021/CVE-2021-46419. An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.
#ExploitObserverAlert
BDU:2024-02588
DESCRIPTION: Exploit Observer has 17 entries in 3 file formats related to BDU:2024-02588. Vulnerability in the set of software tools and libraries for working with smart cards OpenSC, associated with improper restriction of memory buffer operations, allowing an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability in the set of software tools and libraries for working with smart cards in OpenSC is related to memory errors during card registration using pkcs15-init. Exploiting the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected information.
BDU:2024-02588
DESCRIPTION: Exploit Observer has 17 entries in 3 file formats related to BDU:2024-02588. Vulnerability in the set of software tools and libraries for working with smart cards OpenSC, associated with improper restriction of memory buffer operations, allowing an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability in the set of software tools and libraries for working with smart cards in OpenSC is related to memory errors during card registration using pkcs15-init. Exploiting the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected information.
#ExploitObserverAlert
BDU:2024-02617
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to BDU:2024-02617. Vulnerability of the Grafana monitoring and observation platform, arising from incorrect input validation, allows an attacker to bypass existing security restrictions. This vulnerability in the Grafana monitoring and observation platform is related to the ability for users to register with any username/email address they choose. Exploiting this vulnerability could enable an attacker to bypass existing security restrictions.
BDU:2024-02617
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to BDU:2024-02617. Vulnerability of the Grafana monitoring and observation platform, arising from incorrect input validation, allows an attacker to bypass existing security restrictions. This vulnerability in the Grafana monitoring and observation platform is related to the ability for users to register with any username/email address they choose. Exploiting this vulnerability could enable an attacker to bypass existing security restrictions.
#ExploitObserverAlert
BDU:2024-02585
DESCRIPTION: Exploit Observer has 14 entries in 3 file formats related to BDU:2024-02585. The vulnerability of the --fragment option in the OpenVPN software, associated with division by zero errors, allows an attacker to cause a denial of service. The vulnerability of the --fragment option in the OpenVPN software is related to initiating division by zero. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2024-02585
DESCRIPTION: Exploit Observer has 14 entries in 3 file formats related to BDU:2024-02585. The vulnerability of the --fragment option in the OpenVPN software, associated with division by zero errors, allows an attacker to cause a denial of service. The vulnerability of the --fragment option in the OpenVPN software is related to initiating division by zero. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02586
DESCRIPTION: Exploit Observer has 14 entries in 4 file formats related to BDU:2024-02586. Vulnerability in the systemd-tmpfiles file of the Systemd initialization and service management subsystem allows an attacker to cause a denial of service. The vulnerability in the systemd-tmpfiles file of the Systemd initialization and service management subsystem is related to recursion when too many nested directories are created in /tmp. Exploiting the vulnerability may allow an attacker to cause a denial of service.
BDU:2024-02586
DESCRIPTION: Exploit Observer has 14 entries in 4 file formats related to BDU:2024-02586. Vulnerability in the systemd-tmpfiles file of the Systemd initialization and service management subsystem allows an attacker to cause a denial of service. The vulnerability in the systemd-tmpfiles file of the Systemd initialization and service management subsystem is related to recursion when too many nested directories are created in /tmp. Exploiting the vulnerability may allow an attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02619
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02619. The vulnerability of the Grafana monitoring and observability platform that leads to the disclosure of confidential information to an unauthorized entity allows an attacker to expose protected information. This vulnerability is related to the transmission of authentication users' cookie files to plugins. Exploiting the vulnerability could enable a remote attacker to access protected information.
BDU:2024-02619
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02619. The vulnerability of the Grafana monitoring and observability platform that leads to the disclosure of confidential information to an unauthorized entity allows an attacker to expose protected information. This vulnerability is related to the transmission of authentication users' cookie files to plugins. Exploiting the vulnerability could enable a remote attacker to access protected information.
#ExploitObserverAlert
BDU:2024-02620
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02620. Vulnerability of the Grafana monitoring and observation platform associated with the disclosure of confidential information to an unauthorized party, enabling the attacker to expose protected information. The vulnerability of the Grafana monitoring and observation platform is related to the transmission of authentication tokens to certain target plugins. Exploiting this vulnerability could allow a remote attacker to expose protected information.
BDU:2024-02620
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02620. Vulnerability of the Grafana monitoring and observation platform associated with the disclosure of confidential information to an unauthorized party, enabling the attacker to expose protected information. The vulnerability of the Grafana monitoring and observation platform is related to the transmission of authentication tokens to certain target plugins. Exploiting this vulnerability could allow a remote attacker to expose protected information.