#ExploitObserverAlert
CVE-2022-38766
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-38766. The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.
FIRST-EPSS: 0.000450000
NVD-IS: 5.2
NVD-ES: 2.8
CVE-2022-38766
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-38766. The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.
FIRST-EPSS: 0.000450000
NVD-IS: 5.2
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-2773
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2773. A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file view_admin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229279.
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-2773
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2773. A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file view_admin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229279.
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-30057
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-30057. A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.
FIRST-EPSS: 0.000580000
NVD-IS: 2.7
NVD-ES: 1.7
CVE-2021-30057
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-30057. A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.
FIRST-EPSS: 0.000580000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2000-0507
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2000-0507. Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command.
FIRST-EPSS: 0.031470000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2000-0507
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2000-0507. Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command.
FIRST-EPSS: 0.031470000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-21109
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-21109. In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-21109
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-21109. In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-2479
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-2479. OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.
FIRST-EPSS: 0.961880000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-2479
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-2479. OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.
FIRST-EPSS: 0.961880000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-32434
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-32434. An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
FIRST-EPSS: 0.000730000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-32434
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-32434. An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
FIRST-EPSS: 0.000730000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-38817
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-38817. An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself."
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-38817
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-38817. An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself."
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-30399
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30399. Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.
FIRST-EPSS: 0.000620000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2023-30399
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30399. Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.
FIRST-EPSS: 0.000620000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.000430000
CVE-2023-49103
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2023-29389
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-29389. Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight connector, and then sending forged "Key is validated" messages via CAN Injection, as exploited in the wild in (for example) July 2022.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 0.9
CVE-2023-29389
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-29389. Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight connector, and then sending forged "Key is validated" messages via CAN Injection, as exploited in the wild in (for example) July 2022.
FIRST-EPSS: 0.000530000
NVD-IS: 5.9
NVD-ES: 0.9
#ExploitObserverAlert
CVE-2023-23932
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-23932. OpenDDS is an open source C implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-23932
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-23932. OpenDDS is an open source C implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-30581
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30581. The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js
FIRST-EPSS: 0.000430000
CVE-2023-30581
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30581. The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2019-17564
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2019-17564. Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions.
FIRST-EPSS: 0.029430000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-17564
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2019-17564. Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions.
FIRST-EPSS: 0.029430000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-21839
DESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
FIRST-EPSS: 0.956630000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-21839
DESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
FIRST-EPSS: 0.956630000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20911
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-20911. In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242537498
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-20911
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-20911. In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242537498
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-24388
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24388. In the VikRentCar Car Rental Management System WordPress plugin before 1.1.7, there is a custom filed option by which we can manage all the fields that the users will have to fill in before saving the order. However, the field name is not sanitised or escaped before being output back in the page, leading to a stored Cross-Site Scripting issue. There is also no CSRF check done before saving the setting, allowing attackers to make a logged in admin set arbitrary Custom Fields, including one with XSS payload in it.
FIRST-EPSS: 0.000530000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2021-24388
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24388. In the VikRentCar Car Rental Management System WordPress plugin before 1.1.7, there is a custom filed option by which we can manage all the fields that the users will have to fill in before saving the order. However, the field name is not sanitised or escaped before being output back in the page, leading to a stored Cross-Site Scripting issue. There is also no CSRF check done before saving the setting, allowing attackers to make a logged in admin set arbitrary Custom Fields, including one with XSS payload in it.
FIRST-EPSS: 0.000530000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2021-30056
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-30056. Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to data leakage.
FIRST-EPSS: 0.000580000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2021-30056
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-30056. Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to data leakage.
FIRST-EPSS: 0.000580000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2022-22808
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-22808. A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause a remote attacker to gain unauthorized access to the product when conducting cross-domain attacks based on same-origin policy or cross-site request forgery protections bypass. Affected Product: EcoStruxure EV Charging Expert (formerly known as EVlink Load Management System): (HMIBSCEA53D1EDB, HMIBSCEA53D1EDS, HMIBSCEA53D1EDM, HMIBSCEA53D1EDL, HMIBSCEA53D1ESS, HMIBSCEA53D1ESM, HMIBSCEA53D1EML) (All Versions prior to SP8 (Version 01) V4.0.0.13)
FIRST-EPSS: 0.001070000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-22808
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-22808. A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause a remote attacker to gain unauthorized access to the product when conducting cross-domain attacks based on same-origin policy or cross-site request forgery protections bypass. Affected Product: EcoStruxure EV Charging Expert (formerly known as EVlink Load Management System): (HMIBSCEA53D1EDB, HMIBSCEA53D1EDS, HMIBSCEA53D1EDM, HMIBSCEA53D1EDL, HMIBSCEA53D1ESS, HMIBSCEA53D1ESM, HMIBSCEA53D1EML) (All Versions prior to SP8 (Version 01) V4.0.0.13)
FIRST-EPSS: 0.001070000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-33281
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-33281. The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. NOTE: the vendor's position is that this cannot be reproduced with genuine Nissan parts: for example, the combination of keyfob and door handle shown in the exploit demonstration does not match any technology that Nissan provides to customers.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-33281
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-33281. The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. NOTE: the vendor's position is that this cannot be reproduced with genuine Nissan parts: for example, the combination of keyfob and door handle shown in the exploit demonstration does not match any technology that Nissan provides to customers.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-xqv7-xc39-ph8v
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-XQV7-XC39-PH8V. This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server.
GHSS: 8.5
GHSA-xqv7-xc39-ph8v
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-XQV7-XC39-PH8V. This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server.
GHSS: 8.5