#ExploitObserverAlert
CVE-2023-38646
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-38646
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-33009
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-33009. A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
FIRST-EPSS: 0.028100000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-33009
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-33009. A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
FIRST-EPSS: 0.028100000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-47246
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-47246. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
FIRST-EPSS: 0.667970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-47246
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-47246. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
FIRST-EPSS: 0.667970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-27997
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2023-27997. A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
FIRST-EPSS: 0.154070000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-27997
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2023-27997. A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
FIRST-EPSS: 0.154070000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-35078
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2023-35078. Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.
FIRST-EPSS: 0.964440000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-35078
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2023-35078. Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.
FIRST-EPSS: 0.964440000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-22516
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-22516. This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7. JDK 1.8u121 should be used in case Java 8 used to run Bamboo Data Center and Server. See Bamboo 9.2 Upgrade notes (https://confluence.atlassian.com/bambooreleases/bamboo-9-2-upgrade-notes-1207179212.html) Bamboo Data Center and Server 9.3: Upgrade to a release greater than or equal to 9.3.4 See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]). This vulnerability was discovered by a private user and reported via our Bug Bounty program
FIRST-EPSS: 0.000530000
CVE-2023-22516
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-22516. This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7. JDK 1.8u121 should be used in case Java 8 used to run Bamboo Data Center and Server. See Bamboo 9.2 Upgrade notes (https://confluence.atlassian.com/bambooreleases/bamboo-9-2-upgrade-notes-1207179212.html) Bamboo Data Center and Server 9.3: Upgrade to a release greater than or equal to 9.3.4 See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]). This vulnerability was discovered by a private user and reported via our Bug Bounty program
FIRST-EPSS: 0.000530000
#ExploitObserverAlert
GHSA-m4mp-v249-x3mh
DESCRIPTION: Exploit Observer has 85 entries related to GHSA-M4MP-V249-X3MH. When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.
GHSS: 5.9
GHSA-m4mp-v249-x3mh
DESCRIPTION: Exploit Observer has 85 entries related to GHSA-M4MP-V249-X3MH. When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.
GHSS: 5.9
#ExploitObserverAlert
CVE-2023-47359
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-47359. Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-47359
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-47359. Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-22521
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-22521. This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Crowd Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Crowd Data Center and Server 3.4: Upgrade to a release greater than or equal to 5.1.6 Crowd Data Center and Server 5.2: Upgrade to a release greater than or equal to 5.2.1 See the release notes ([https://confluence.atlassian.com/crowd/crowd-release-notes-199094.html]). You can download the latest version of Crowd Data Center and Server from the download center ([https://www.atlassian.com/software/crowd/download-archive]). This vulnerability was discovered by m1sn0w and reported via our Bug Bounty program
FIRST-EPSS: 0.000530000
CVE-2023-22521
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-22521. This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Crowd Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Crowd Data Center and Server 3.4: Upgrade to a release greater than or equal to 5.1.6 Crowd Data Center and Server 5.2: Upgrade to a release greater than or equal to 5.2.1 See the release notes ([https://confluence.atlassian.com/crowd/crowd-release-notes-199094.html]). You can download the latest version of Crowd Data Center and Server from the download center ([https://www.atlassian.com/software/crowd/download-archive]). This vulnerability was discovered by m1sn0w and reported via our Bug Bounty program
FIRST-EPSS: 0.000530000
#ExploitObserverAlert
CVE-2023-39796
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-39796. SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
FIRST-EPSS: 0.001370000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-39796
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-39796. SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
FIRST-EPSS: 0.001370000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-45573
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-45573. Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G V2.D1 v.23.08.23D1, and DI-7400G V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
FIRST-EPSS: 0.002020000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-45573
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-45573. Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G V2.D1 v.23.08.23D1, and DI-7400G V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
FIRST-EPSS: 0.002020000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-m6fg-m377-682m
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-M6FG-M377-682M. This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server.
GHSS: 8.0
GHSA-m6fg-m377-682m
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-M6FG-M377-682M. This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server.
GHSS: 8.0
#ExploitObserverAlert
GHSA-5rc2-w7v5-6rgm
DESCRIPTION: Exploit Observer has 15 entries related to GHSA-5RC2-W7V5-6RGM. An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1.
GHSA-5rc2-w7v5-6rgm
DESCRIPTION: Exploit Observer has 15 entries related to GHSA-5RC2-W7V5-6RGM. An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1.
#ExploitObserverAlert
CVE-2023-46847
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46847. Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
FIRST-EPSS: 0.062290000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-46847
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46847. Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
FIRST-EPSS: 0.062290000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-7qmp-rw6c-f6vw
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-7QMP-RW6C-F6VW. Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G V2.D1 v.23.08.23D1, and DI-7400G V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx parameter of the ddns.asp function.
GHSS: 9.8
GHSA-7qmp-rw6c-f6vw
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-7QMP-RW6C-F6VW. Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G V2.D1 v.23.08.23D1, and DI-7400G V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx parameter of the ddns.asp function.
GHSS: 9.8
#ExploitObserverAlert
CVE-2023-36560
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36560. ASP.NET Security Feature Bypass Vulnerability
FIRST-EPSS: 0.000720000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-36560
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36560. ASP.NET Security Feature Bypass Vulnerability
FIRST-EPSS: 0.000720000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-22958
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-22958. The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter.
FIRST-EPSS: 0.000460000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-22958
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-22958. The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter.
FIRST-EPSS: 0.000460000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-1948
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2020-1948. This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below.
FIRST-EPSS: 0.004080000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-1948
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2020-1948. This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below.
FIRST-EPSS: 0.004080000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-11358
DESCRIPTION: Exploit Observer has 3662 entries related to CVE-2019-11358. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
FIRST-EPSS: 0.029520000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-11358
DESCRIPTION: Exploit Observer has 3662 entries related to CVE-2019-11358. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
FIRST-EPSS: 0.029520000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-8120
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2018-8120. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.
FIRST-EPSS: 0.974300000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2018-8120
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2018-8120. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.
FIRST-EPSS: 0.974300000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
CVE-2022-48363
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-48363. In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-48363
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-48363. In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 3.9