#ExploitObserverAlert
BDU:2024-02580
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to BDU:2024-02580. Vulnerability of the modular interface between Rack web servers and web applications, related to uncontrolled resource consumption, allowing an attacker to cause a denial of service. The vulnerability of the modular interface between Rack web servers and web applications is associated with the creation of input data that can cause analysis of the Content-Disposition header in Rack to take an unexpected amount of time. Exploiting the vulnerability can allow a remote attacker to cause a denial of service.
BDU:2024-02580
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to BDU:2024-02580. Vulnerability of the modular interface between Rack web servers and web applications, related to uncontrolled resource consumption, allowing an attacker to cause a denial of service. The vulnerability of the modular interface between Rack web servers and web applications is associated with the creation of input data that can cause analysis of the Content-Disposition header in Rack to take an unexpected amount of time. Exploiting the vulnerability can allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
BDU:2024-02637
DESCRIPTION: Exploit Observer has 12 entries in 2 file formats related to BDU:2024-02637. Vulnerability in Mozilla Firefox, Firefox ESR, and the Thunderbird email client for Mac OS operating systems allows an attacker to execute arbitrary code. The vulnerability in Mozilla Firefox, Firefox ESR, and the Thunderbird email client for Mac OS operating systems is related to access control flaws. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code when loading files with the .inetloc extension.
BDU:2024-02637
DESCRIPTION: Exploit Observer has 12 entries in 2 file formats related to BDU:2024-02637. Vulnerability in Mozilla Firefox, Firefox ESR, and the Thunderbird email client for Mac OS operating systems allows an attacker to execute arbitrary code. The vulnerability in Mozilla Firefox, Firefox ESR, and the Thunderbird email client for Mac OS operating systems is related to access control flaws. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code when loading files with the .inetloc extension.
#ExploitObserverAlert
BDU:2024-02587
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to BDU:2024-02587. Vulnerability in the MyEID driver of the software toolkit and libraries for working with smart cards OpenSC, allowing a potential attacker to gain unauthorized access to confidential data. The vulnerability in the MyEID driver of the software toolkit and libraries for working with smart cards OpenSC is related to reading beyond the boundaries of the buffer in memory during symmetric key encryption processing. Exploiting the vulnerability could potentially allow an attacker to gain unauthorized access to confidential data.
BDU:2024-02587
DESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to BDU:2024-02587. Vulnerability in the MyEID driver of the software toolkit and libraries for working with smart cards OpenSC, allowing a potential attacker to gain unauthorized access to confidential data. The vulnerability in the MyEID driver of the software toolkit and libraries for working with smart cards OpenSC is related to reading beyond the boundaries of the buffer in memory during symmetric key encryption processing. Exploiting the vulnerability could potentially allow an attacker to gain unauthorized access to confidential data.
#ExploitObserverAlert
PSS-177922
DESCRIPTION: Exploit Observer has 157 entries in 17 file formats related to PSS-177922. Red Hat Security Advisory 2024-1614-03. Red Hat Security Advisory 2024-1614-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution, null pointer, privilege escalation, and use-after-free vulnerabilities.
PSS-177922
DESCRIPTION: Exploit Observer has 157 entries in 17 file formats related to PSS-177922. Red Hat Security Advisory 2024-1614-03. Red Hat Security Advisory 2024-1614-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution, null pointer, privilege escalation, and use-after-free vulnerabilities.
#ExploitObserverAlert
BDU:2024-02611
DESCRIPTION: Exploit Observer has 10 entries in 2 file formats related to BDU:2024-02611. Vulnerability in the software for creating, monitoring, and orchestrating Apache Airflow data processing scenarios is related to access control flaws, which allow an attacker to gain unauthorized access to resources. The software vulnerability in creating, monitoring, and orchestrating Apache Airflow data processing scenarios is linked to access control deficiencies. Exploiting this vulnerability can enable a remote attacker to gain unauthorized access to resources.
BDU:2024-02611
DESCRIPTION: Exploit Observer has 10 entries in 2 file formats related to BDU:2024-02611. Vulnerability in the software for creating, monitoring, and orchestrating Apache Airflow data processing scenarios is related to access control flaws, which allow an attacker to gain unauthorized access to resources. The software vulnerability in creating, monitoring, and orchestrating Apache Airflow data processing scenarios is linked to access control deficiencies. Exploiting this vulnerability can enable a remote attacker to gain unauthorized access to resources.
#ExploitObserverAlert
BDU:2024-02628
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02628. Vulnerability in the software tool for implementing the MediaWiki hypertext environment is related to improper input sanitization during web page creation, allowing an attacker to carry out cross-site scripting attacks. The vulnerability in the software tool for implementing the MediaWiki hypertext environment is associated with the ability to use XSS in the partial block function. Exploiting the vulnerability can allow a remote attacker to execute cross-site scripting attacks.
BDU:2024-02628
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to BDU:2024-02628. Vulnerability in the software tool for implementing the MediaWiki hypertext environment is related to improper input sanitization during web page creation, allowing an attacker to carry out cross-site scripting attacks. The vulnerability in the software tool for implementing the MediaWiki hypertext environment is associated with the ability to use XSS in the partial block function. Exploiting the vulnerability can allow a remote attacker to execute cross-site scripting attacks.
#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-28255
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-28255. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`.
PD/http/cves/2024/CVE-2024-28255
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-28255. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`.
#ExploitObserverAlert
BDU:2024-02638
DESCRIPTION: Exploit Observer has 9 entries in 2 file formats related to BDU:2024-02638. Vulnerability in the Mozilla Firefox browser, associated with incorrect restriction of visualized layers of the user interface, allows an attacker to conduct spoofing attacks. The vulnerability in the Mozilla Firefox browser is related to the incorrect restriction of visualized layers of the user interface. Exploiting this vulnerability may allow a remote attacker to conduct spoofing attacks.
BDU:2024-02638
DESCRIPTION: Exploit Observer has 9 entries in 2 file formats related to BDU:2024-02638. Vulnerability in the Mozilla Firefox browser, associated with incorrect restriction of visualized layers of the user interface, allows an attacker to conduct spoofing attacks. The vulnerability in the Mozilla Firefox browser is related to the incorrect restriction of visualized layers of the user interface. Exploiting this vulnerability may allow a remote attacker to conduct spoofing attacks.
#ExploitObserverAlert
BDU:2024-02623
DESCRIPTION: Exploit Observer has 16 entries in 3 file formats related to BDU:2024-02623. There is a vulnerability in the _libcap_strdup() function of the Libcap package that allows an attacker to execute arbitrary PHP files on the server. This vulnerability in the _libcap_strdup() function of the Libcap package is related to buffer overflow if the input string is close to 4 GiB. Exploiting this vulnerability could allow an attacker to execute arbitrary PHP files on the server.
BDU:2024-02623
DESCRIPTION: Exploit Observer has 16 entries in 3 file formats related to BDU:2024-02623. There is a vulnerability in the _libcap_strdup() function of the Libcap package that allows an attacker to execute arbitrary PHP files on the server. This vulnerability in the _libcap_strdup() function of the Libcap package is related to buffer overflow if the input string is close to 4 GiB. Exploiting this vulnerability could allow an attacker to execute arbitrary PHP files on the server.
#ExploitObserverAlert
BDU:2024-02622
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to BDU:2024-02622. Vulnerability of the Grafana monitoring and observation platform is associated with authentication bypass through spoofing, allowing an attacker to gain unauthorized access to information and compromise its integrity and availability. The platform's vulnerability is linked to administrator-to-administrator server escalation when using an authentication proxy server. Exploiting the vulnerability may enable a remote attacker to gain unauthorized access to information and compromise its integrity and availability.
BDU:2024-02622
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to BDU:2024-02622. Vulnerability of the Grafana monitoring and observation platform is associated with authentication bypass through spoofing, allowing an attacker to gain unauthorized access to information and compromise its integrity and availability. The platform's vulnerability is linked to administrator-to-administrator server escalation when using an authentication proxy server. Exploiting the vulnerability may enable a remote attacker to gain unauthorized access to information and compromise its integrity and availability.
#ExploitObserverAlert
BDU:2024-02614
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02614. The vulnerability in the Grafana monitoring and observation platform is related to improper input sanitization during the creation of web pages, which allows an attacker to inject entered URL addresses. The vulnerability in the Grafana monitoring and observation platform is linked to creating a snapshot and arbitrarily selecting the "originalUrl" parameter, by editing the request through a web proxy. Exploiting the vulnerability may enable a remote attacker to inject entered URL addresses.
BDU:2024-02614
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to BDU:2024-02614. The vulnerability in the Grafana monitoring and observation platform is related to improper input sanitization during the creation of web pages, which allows an attacker to inject entered URL addresses. The vulnerability in the Grafana monitoring and observation platform is linked to creating a snapshot and arbitrarily selecting the "originalUrl" parameter, by editing the request through a web proxy. Exploiting the vulnerability may enable a remote attacker to inject entered URL addresses.
#ExploitObserverAlert
BDU:2024-02626
DESCRIPTION: Exploit Observer has 15 entries in 3 file formats related to BDU:2024-02626. Vulnerability of the gifread.c component of the OptiPNG PNG optimization software allows an attacker to cause a denial of service or otherwise impact the system. This vulnerability in the gifread.c component of the OptiPNG PNG optimization software is related to buffer overflow through the 'buffer' variable. Exploiting this vulnerability could enable an attacker to cause a denial of service or have other effects.
BDU:2024-02626
DESCRIPTION: Exploit Observer has 15 entries in 3 file formats related to BDU:2024-02626. Vulnerability of the gifread.c component of the OptiPNG PNG optimization software allows an attacker to cause a denial of service or otherwise impact the system. This vulnerability in the gifread.c component of the OptiPNG PNG optimization software is related to buffer overflow through the 'buffer' variable. Exploiting this vulnerability could enable an attacker to cause a denial of service or have other effects.
#ExploitObserverAlert
BDU:2024-02600
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to BDU:2024-02600. Vulnerability in the Google Sheets data source platform for monitoring and observing Grafana is related to the generation of error messages containing confidential information, allowing an attacker to access confidential data. The vulnerability in the Google Sheets data source platform for monitoring and observing Grafana is linked to the improper handling of error messages, potentially exposing the Google Sheets API key. Exploiting the vulnerability could enable a remote attacker to access confidential data.
BDU:2024-02600
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to BDU:2024-02600. Vulnerability in the Google Sheets data source platform for monitoring and observing Grafana is related to the generation of error messages containing confidential information, allowing an attacker to access confidential data. The vulnerability in the Google Sheets data source platform for monitoring and observing Grafana is linked to the improper handling of error messages, potentially exposing the Google Sheets API key. Exploiting the vulnerability could enable a remote attacker to access confidential data.
#ExploitObserverAlert
PD/http/cves/2024/CVE-2024-28734
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-28734. Cross Site Scripting vulnerability in Unit4 Financials by Coda v.2024Q1 allows a remote attacker to escalate privileges via a crafted script to the cols parameter.
PD/http/cves/2024/CVE-2024-28734
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to PD/http/cves/2024/CVE-2024-28734. Cross Site Scripting vulnerability in Unit4 Financials by Coda v.2024Q1 allows a remote attacker to escalate privileges via a crafted script to the cols parameter.
#ExploitObserverAlert
CVE-2024-3273
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-3273. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
FIRST-EPSS: 0.000450000
CVE-2024-3273
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-3273. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2024-1597
DESCRIPTION: Exploit Observer has 230 entries in 6 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected.
FIRST-EPSS: 0.000450000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2024-1597
DESCRIPTION: Exploit Observer has 230 entries in 6 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected.
FIRST-EPSS: 0.000450000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-45288
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-45288. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
FIRST-EPSS: 0.000450000
CVE-2023-45288
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-45288. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2020-28241
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to CVE-2020-28241. libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.
FIRST-EPSS: 0.003940000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2020-28241
DESCRIPTION: Exploit Observer has 12 entries in 3 file formats related to CVE-2020-28241. libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.
FIRST-EPSS: 0.003940000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2024-24725
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2024-24725. Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
FIRST-EPSS: 0.133120000
CVE-2024-24725
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2024-24725. Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
FIRST-EPSS: 0.133120000
#ExploitObserverAlert
CVE-2024-27620
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-27620. An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API.
FIRST-EPSS: 0.000840000
CVE-2024-27620
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-27620. An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API.
FIRST-EPSS: 0.000840000
#ExploitObserverAlert
CVE-2024-28741
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2024-28741. Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component.
FIRST-EPSS: 0.000450000
CVE-2024-28741
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2024-28741. Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component.
FIRST-EPSS: 0.000450000