#ExploitObserverAlert
CVE-2021-25283
DESCRIPTION: Exploit Observer has 22 entries in 3 file formats related to CVE-2021-25283. An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
FIRST-EPSS: 0.166800000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9039093
CVE-2021-25283
DESCRIPTION: Exploit Observer has 22 entries in 3 file formats related to CVE-2021-25283. An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
FIRST-EPSS: 0.166800000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9039093
#ExploitObserverAlert
CVE-2022-21165
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2022-21165. All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.
FIRST-EPSS: 0.005790000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7197403
CVE-2022-21165
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2022-21165. All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.
FIRST-EPSS: 0.005790000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7197403
#ExploitObserverAlert
CVE-2024-32407
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-32407. An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.8062151
CVE-2024-32407
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-32407. An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.8062151
#ExploitObserverAlert
CVE-2020-14144
DESCRIPTION: Exploit Observer has 27 entries in 9 file formats related to CVE-2020-14144. The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.
FIRST-EPSS: 0.972340000
NVD-IS: 5.9
NVD-ES: 1.2
ARPS-PRIORITY: 0.915973
CVE-2020-14144
DESCRIPTION: Exploit Observer has 27 entries in 9 file formats related to CVE-2020-14144. The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.
FIRST-EPSS: 0.972340000
NVD-IS: 5.9
NVD-ES: 1.2
ARPS-PRIORITY: 0.915973
#ExploitObserverAlert
CVE-2024-2660
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-2660. Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.7131285
CVE-2024-2660
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-2660. Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.7131285
#ExploitObserverAlert
CVE-2019-10791
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2019-10791. promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization.
FIRST-EPSS: 0.004810000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7192889
CVE-2019-10791
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2019-10791. promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization.
FIRST-EPSS: 0.004810000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7192889
#ExploitObserverAlert
CVE-2023-24534
DESCRIPTION: Exploit Observer has 21 entries in 4 file formats related to CVE-2023-24534. HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.
FIRST-EPSS: 0.001810000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7008381
CVE-2023-24534
DESCRIPTION: Exploit Observer has 21 entries in 4 file formats related to CVE-2023-24534. HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.
FIRST-EPSS: 0.001810000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7008381
#ExploitObserverAlert
CVE-2020-25540
DESCRIPTION: Exploit Observer has 30 entries in 8 file formats related to CVE-2020-25540. ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter.
FIRST-EPSS: 0.967110000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.9130666
CVE-2020-25540
DESCRIPTION: Exploit Observer has 30 entries in 8 file formats related to CVE-2020-25540. ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter.
FIRST-EPSS: 0.967110000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.9130666
#ExploitObserverAlert
GHSA-p72q-h37j-3hq7
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to GHSA-p72q-h37j-3hq7. dbt uses a SQLparse version with a high vulnerability
ARPS-PRIORITY: 0.7270876
GHSA-p72q-h37j-3hq7
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to GHSA-p72q-h37j-3hq7. dbt uses a SQLparse version with a high vulnerability
ARPS-PRIORITY: 0.7270876
#ExploitObserverAlert
CVE-2024-31207
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-31207. Vite (French word for "quick", pronounced /vit/, like "veet") is a frontend build tooling to improve the frontend development experience.`server.fs.deny` does not deny requests for patterns with directories. This vulnerability has been patched in version(s) 5.2.6, 5.1.7, 5.0.13, 4.5.3, 3.2.10 and 2.9.18.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7244905
CVE-2024-31207
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-31207. Vite (French word for "quick", pronounced /vit/, like "veet") is a frontend build tooling to improve the frontend development experience.`server.fs.deny` does not deny requests for patterns with directories. This vulnerability has been patched in version(s) 5.2.6, 5.1.7, 5.0.13, 4.5.3, 3.2.10 and 2.9.18.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7244905
#ExploitObserverAlert
CVE-2020-27838
DESCRIPTION: Exploit Observer has 12 entries in 5 file formats related to CVE-2020-27838. A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulnerability is to data confidentiality.
FIRST-EPSS: 0.088000000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-PRIORITY: 0.9055936
CVE-2020-27838
DESCRIPTION: Exploit Observer has 12 entries in 5 file formats related to CVE-2020-27838. A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulnerability is to data confidentiality.
FIRST-EPSS: 0.088000000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-PRIORITY: 0.9055936
#ExploitObserverAlert
CVE-2023-24536
DESCRIPTION: Exploit Observer has 19 entries in 4 file formats related to CVE-2023-24536. Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed, leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3. ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage collector. The combination of these factors can permit an attacker to cause an program that parses multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service. This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix, ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxheaders=.
FIRST-EPSS: 0.004530000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7024624
CVE-2023-24536
DESCRIPTION: Exploit Observer has 19 entries in 4 file formats related to CVE-2023-24536. Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed, leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3. ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage collector. The combination of these factors can permit an attacker to cause an program that parses multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service. This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix, ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxheaders=.
FIRST-EPSS: 0.004530000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7024624
#ExploitObserverAlert
CVE-2018-18548
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2018-18548. ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager.
FIRST-EPSS: 0.001390000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.825083
CVE-2018-18548
DESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2018-18548. ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager.
FIRST-EPSS: 0.001390000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.825083
#ExploitObserverAlert
CVE-2024-32405
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-32405. Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.8062153
CVE-2024-32405
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-32405. Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.8062153
#ExploitObserverAlert
CVE-2021-32560
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2021-32560. The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.
FIRST-EPSS: 0.001180000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-PRIORITY: 0.7206923
CVE-2021-32560
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2021-32560. The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.
FIRST-EPSS: 0.001180000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-PRIORITY: 0.7206923
#ExploitObserverAlert
CVE-2022-25887
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2022-25887. The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.
FIRST-EPSS: 0.001210000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7187958
CVE-2022-25887
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2022-25887. The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.
FIRST-EPSS: 0.001210000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7187958
#ExploitObserverAlert
CVE-2020-25592
DESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2020-25592. In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
FIRST-EPSS: 0.450680000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9190807
CVE-2020-25592
DESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2020-25592. In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
FIRST-EPSS: 0.450680000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9190807
#ExploitObserverAlert
WLB-2024040058
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040058. Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass.
ARPS-PRIORITY: 0.8026542
WLB-2024040058
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040058. Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass.
ARPS-PRIORITY: 0.8026542
#ExploitObserverAlert
CVE-2022-29622
DESCRIPTION: Exploit Observer has 19 entries in 5 file formats related to CVE-2022-29622. An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all versions that can change the default behavior of how files are handled.
FIRST-EPSS: 0.004440000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7061381
CVE-2022-29622
DESCRIPTION: Exploit Observer has 19 entries in 5 file formats related to CVE-2022-29622. An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all versions that can change the default behavior of how files are handled.
FIRST-EPSS: 0.004440000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7061381
#ExploitObserverAlert
CVE-2020-27348
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to CVE-2020-27348. In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.
FIRST-EPSS: 0.000900000
NVD-IS: 5.5
NVD-ES: 1.3
ARPS-PRIORITY: 0.7040618
CVE-2020-27348
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to CVE-2020-27348. In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.
FIRST-EPSS: 0.000900000
NVD-IS: 5.5
NVD-ES: 1.3
ARPS-PRIORITY: 0.7040618
#ExploitObserverAlert
CVE-2020-13980
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2020-13980. OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states "this is not a massive issue as you are still required to be logged into the admin.
FIRST-EPSS: 0.000720000
NVD-IS: 2.7
NVD-ES: 1.7
ARPS-PRIORITY: 0.8285297
CVE-2020-13980
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2020-13980. OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states "this is not a massive issue as you are still required to be logged into the admin.
FIRST-EPSS: 0.000720000
NVD-IS: 2.7
NVD-ES: 1.7
ARPS-PRIORITY: 0.8285297