#ExploitObserverAlert
CVE-2022-4386
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-4386. The Intuitive Custom Post Order WordPress plugin before 3.1.4 lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to change the menu order via a CSRF attack
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2022-4386
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-4386. The Intuitive Custom Post Order WordPress plugin before 3.1.4 lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to change the menu order via a CSRF attack
FIRST-EPSS: 0.000460000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-40752
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-40752. Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
FIRST-EPSS: 0.001550000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2021-40752
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-40752. Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
FIRST-EPSS: 0.001550000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-47246
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2023-47246. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
FIRST-EPSS: 0.667970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-47246
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2023-47246. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
FIRST-EPSS: 0.667970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-46784
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-46784. In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
FIRST-EPSS: 0.015450000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2021-46784
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-46784. In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
FIRST-EPSS: 0.015450000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-25614
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-25614. Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings
CVE-2022-25614
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-25614. Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings
#ExploitObserverAlert
CVE-2021-42096
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-42096. GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
FIRST-EPSS: 0.001730000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2021-42096
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-42096. GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
FIRST-EPSS: 0.001730000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-44353
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-44353. Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
FIRST-EPSS: 0.002270000
CVE-2023-44353
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-44353. Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
FIRST-EPSS: 0.002270000
#ExploitObserverAlert
CVE-2023-46724
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46724. Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
FIRST-EPSS: 0.003740000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-46724
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46724. Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
FIRST-EPSS: 0.003740000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-28965
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2021-28965. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
FIRST-EPSS: 0.000890000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-28965
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2021-28965. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
FIRST-EPSS: 0.000890000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-2516
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-2516. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
FIRST-EPSS: 0.000630000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2023-2516
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-2516. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
FIRST-EPSS: 0.000630000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2020-7961
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2020-7961. Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).
FIRST-EPSS: 0.973420000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-7961
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2020-7961. Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).
FIRST-EPSS: 0.973420000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2003-0282
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2003-0282. Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
FIRST-EPSS: 0.001790000
NVD-IS: 2.9
NVD-ES: 4.9
CVE-2003-0282
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2003-0282. Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
FIRST-EPSS: 0.001790000
NVD-IS: 2.9
NVD-ES: 4.9
#ExploitObserverAlert
CVE-2023-39264
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-39264. By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.
FIRST-EPSS: 0.000620000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2023-39264
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-39264. By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.
FIRST-EPSS: 0.000620000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-qvh3-87rf-gc36
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-QVH3-87RF-GC36. A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this the attacker must change the HTTP payload post submission, prior to it reaching the ePO server.
GHSS: 8.0
GHSA-qvh3-87rf-gc36
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-QVH3-87RF-GC36. A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this the attacker must change the HTTP payload post submission, prior to it reaching the ePO server.
GHSS: 8.0
#ExploitObserverAlert
CVE-2023-23752
DESCRIPTION: Exploit Observer has 88 entries related to CVE-2023-23752. An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
FIRST-EPSS: 0.750890000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-23752
DESCRIPTION: Exploit Observer has 88 entries related to CVE-2023-23752. An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
FIRST-EPSS: 0.750890000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-46214
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
FIRST-EPSS: 0.002390000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-46214
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
FIRST-EPSS: 0.002390000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-12695
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2020-12695. The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
FIRST-EPSS: 0.003830000
NVD-IS: 4.7
NVD-ES: 2.2
CVE-2020-12695
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2020-12695. The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
FIRST-EPSS: 0.003830000
NVD-IS: 4.7
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-36025
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2023-36025. Windows SmartScreen Security Feature Bypass Vulnerability
FIRST-EPSS: 0.007930000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-36025
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2023-36025. Windows SmartScreen Security Feature Bypass Vulnerability
FIRST-EPSS: 0.007930000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-39885
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-39885. A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious approval rule names
FIRST-EPSS: 0.000670000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2021-39885
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-39885. A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious approval rule names
FIRST-EPSS: 0.000670000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2023-28432
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2023-28432. Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
FIRST-EPSS: 0.156100000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-28432
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2023-28432. Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
FIRST-EPSS: 0.156100000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-26048
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-26048. Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).
FIRST-EPSS: 0.001310000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-26048
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-26048. Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).
FIRST-EPSS: 0.001310000
NVD-IS: 1.4
NVD-ES: 3.9