#ExploitObserverAlert
CVE-2022-41853
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-41853. Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.
FIRST-EPSS: 0.007180000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-41853
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-41853. Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.
FIRST-EPSS: 0.007180000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-19814
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-19814. In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-19814
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-19814. In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-5678
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5678. Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.000640000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-5678
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5678. Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.000640000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-30590
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-30590.
CVE-2023-30590
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-30590.
#ExploitObserverAlert
CVE-2023-2176
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2176. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-2176
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2176. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-19921
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2019-19921. runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2019-19921
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2019-19921. runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
GHSA-mwwq-v92j-38xr
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-MWWQ-V92J-38XR. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
GHSS: 8.0
GHSA-mwwq-v92j-38xr
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-MWWQ-V92J-38XR. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
GHSS: 8.0
#ExploitObserverAlert
CVE-2023-5633
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5633. The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-5633
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5633. The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-5717
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5717. A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-5717
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5717. A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-19449
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2019-19449. In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-19449
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2019-19449. In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-7445
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-7445. The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
FIRST-EPSS: 0.001490000
NVD-IS: 6.9
NVD-ES: 10.0
CVE-2013-7445
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-7445. The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
FIRST-EPSS: 0.001490000
NVD-IS: 6.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-5360
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2023-5360. The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.
FIRST-EPSS: 0.867240000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-5360
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2023-5360. The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.
FIRST-EPSS: 0.867240000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2010-2861
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2010-2861. Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
FIRST-EPSS: 0.971430000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2010-2861
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2010-2861. Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
FIRST-EPSS: 0.971430000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-27561
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-27561. runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2023-27561
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-27561. runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
CVE-2023-45853
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-45853. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.
FIRST-EPSS: 0.000980000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-45853
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-45853. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.
FIRST-EPSS: 0.000980000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-30588
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30588.
CVE-2023-30588
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-30588.
#ExploitObserverAlert
CVE-2023-49314
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49314. Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack.
CVE-2023-49314
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49314. Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack.
#ExploitObserverAlert
CVE-2023-31484
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-31484. CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
FIRST-EPSS: 0.002070000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2023-31484
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-31484. CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
FIRST-EPSS: 0.002070000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
GHSA-jhpc-56wj-35j2
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-JHPC-56WJ-35J2.
GHSS: 6.5
GHSA-jhpc-56wj-35j2
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-JHPC-56WJ-35J2.
GHSS: 6.5
#ExploitObserverAlert
CVE-2023-0386
DESCRIPTION: Exploit Observer has 51 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-0386
DESCRIPTION: Exploit Observer has 51 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-46214
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
FIRST-EPSS: 0.002390000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-46214
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
FIRST-EPSS: 0.002390000
NVD-IS: 5.9
NVD-ES: 2.8