#ExploitObserverAlert
CVE-2017-7266
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2017-7266. Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
FIRST-EPSS: 0.001550000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5941964
CVE-2017-7266
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2017-7266. Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
FIRST-EPSS: 0.001550000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5941964
#ExploitObserverAlert
CVE-2023-49462
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49462. libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc.
FIRST-EPSS: 0.000940000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
CVE-2023-49462
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49462. libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc.
FIRST-EPSS: 0.000940000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
#ExploitObserverAlert
CVE-2024-22019
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to CVE-2024-22019. A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5817243
CVE-2024-22019
DESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to CVE-2024-22019. A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5817243
#ExploitObserverAlert
CVE-2023-46871
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-46871. GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service.
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.5959611
CVE-2023-46871
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-46871. GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service.
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.5959611
#ExploitObserverAlert
CVE-2023-21665
DESCRIPTION: Exploit Observer has 10 entries in 2 file formats related to CVE-2023-21665. Memory corruption in Graphics while importing a file.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.6476879
CVE-2023-21665
DESCRIPTION: Exploit Observer has 10 entries in 2 file formats related to CVE-2023-21665. Memory corruption in Graphics while importing a file.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.6476879
#ExploitObserverAlert
CVE-2024-21506
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-21506. Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the following bytes are not printable UTF-8 the parser throws an exception with a single byte.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.6581785
CVE-2024-21506
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-21506. Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the following bytes are not printable UTF-8 the parser throws an exception with a single byte.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.6581785
#ExploitObserverAlert
CVE-2023-49464
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49464. libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bits_per_pixel_from_configuration_unci.
FIRST-EPSS: 0.000940000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
CVE-2023-49464
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49464. libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bits_per_pixel_from_configuration_unci.
FIRST-EPSS: 0.000940000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
#ExploitObserverAlert
CVE-2023-49460
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49460. libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image.
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
CVE-2023-49460
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49460. libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image.
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
#ExploitObserverAlert
CVE-2023-49556
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-49556. Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component.
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5963488
CVE-2023-49556
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-49556. Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component.
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5963488
#ExploitObserverAlert
CVE-2023-48011
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-48011. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
CVE-2023-48011
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-48011. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
#ExploitObserverAlert
CVE-2024-3568
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-3568. The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-3568
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-3568. The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2024-21507
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-21507. Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-21507
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-21507. Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2024-1728
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1728. gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-1728
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1728. gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2024-25415
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2024-25415. A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.6035537
CVE-2024-25415
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2024-25415. A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.6035537
#ExploitObserverAlert
CVE-2023-48014
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-48014. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
CVE-2023-48014
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-48014. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
#ExploitObserverAlert
CVE-2023-49558
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-49558. An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the modules/preprocs/nasm/nasm-pp.c component.
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5963488
CVE-2023-49558
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-49558. An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the modules/preprocs/nasm/nasm-pp.c component.
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5963488
#ExploitObserverAlert
CVE-2024-1520
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1520. An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussion_id' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to unauthorized command execution on the underlying operating system. This could result in unauthorized access, data leakage, or complete system compromise.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-1520
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1520. An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussion_id' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to unauthorized command execution on the underlying operating system. This could result in unauthorized access, data leakage, or complete system compromise.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2023-47471
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2023-47471. Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5917607
CVE-2023-47471
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2023-47471. Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5917607
#ExploitObserverAlert
CVE-2023-48013
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-48013. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
CVE-2023-48013
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-48013. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
#ExploitObserverAlert
CVE-2024-30260
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2024-30260. Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.6982505
CVE-2024-30260
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2024-30260. Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.6982505
#ExploitObserverAlert
CVE-2024-3570
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-3570. A stored Cross-Site Scripting (XSS) vulnerability exists in the chat functionality of the mintplex-labs/anything-llm repository, allowing attackers to execute arbitrary JavaScript in the context of a user's session. By manipulating the ChatBot responses, an attacker can inject malicious scripts to perform actions on behalf of the user, such as creating a new admin account or changing the user's password, leading to a complete takeover of the AnythingLLM application. The vulnerability stems from the improper sanitization of user and ChatBot input, specifically through the use of `dangerouslySetInnerHTML`. Successful exploitation requires convincing an admin to add a malicious LocalAI ChatBot to their AnythingLLM instance.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-3570
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-3570. A stored Cross-Site Scripting (XSS) vulnerability exists in the chat functionality of the mintplex-labs/anything-llm repository, allowing attackers to execute arbitrary JavaScript in the context of a user's session. By manipulating the ChatBot responses, an attacker can inject malicious scripts to perform actions on behalf of the user, such as creating a new admin account or changing the user's password, leading to a complete takeover of the AnythingLLM application. The vulnerability stems from the improper sanitization of user and ChatBot input, specifically through the use of `dangerouslySetInnerHTML`. Successful exploitation requires convincing an admin to add a malicious LocalAI ChatBot to their AnythingLLM instance.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347