#ExploitObserverAlert
CVE-2023-46604
DESCRIPTION: Exploit Observer has 99 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.966470000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46604
DESCRIPTION: Exploit Observer has 99 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.966470000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-wmmg-rjjc-vqh8
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-WMMG-RJJC-VQH8.
GHSS: 5.5
GHSA-wmmg-rjjc-vqh8
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-WMMG-RJJC-VQH8.
GHSS: 5.5
#ExploitObserverAlert
CVE-2023-22515
DESCRIPTION: Exploit Observer has 240 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22515
DESCRIPTION: Exploit Observer has 240 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20921
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-20921. In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243378132
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.3
CVE-2023-20921
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-20921. In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243378132
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.3
#ExploitObserverAlert
GHSA-fvx4-8h2x-gm9q
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FVX4-8H2X-GM9Q.
GHSS: 8.8
GHSA-fvx4-8h2x-gm9q
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-FVX4-8H2X-GM9Q.
GHSS: 8.8
#ExploitObserverAlert
CVE-2023-4357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-26294
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2021-26294. An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/.. when using the caldav_public_user account (with caldav_public_user as its password).
FIRST-EPSS: 0.002650000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-26294
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2021-26294. An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/.. when using the caldav_public_user account (with caldav_public_user as its password).
FIRST-EPSS: 0.002650000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-24023
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
CVE-2023-24023
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
#ExploitObserverAlert
GHSA-phfx-x4q3-w99v
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-PHFX-X4Q3-W99V. An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.
GHSS: 8.7
GHSA-phfx-x4q3-w99v
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-PHFX-X4Q3-W99V. An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.
GHSS: 8.7
#ExploitObserverAlert
GHSA-585g-f852-v6p4
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-585G-F852-V6P4. An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.
GHSS: 9.8
GHSA-585g-f852-v6p4
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-585G-F852-V6P4. An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.
GHSS: 9.8
#ExploitObserverAlert
GHSA-gj52-rqw6-xxqh
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-GJ52-RQW6-XXQH. Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe.
GHSS: 5.9
GHSA-gj52-rqw6-xxqh
DESCRIPTION: Exploit Observer has 5 entries related to GHSA-GJ52-RQW6-XXQH. Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe.
GHSS: 5.9
#ExploitObserverAlert
GHSA-38jp-hqg7-hhj2
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-38JP-HQG7-HHJ2. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
GHSS: 5.4
GHSA-38jp-hqg7-hhj2
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-38JP-HQG7-HHJ2. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
GHSS: 5.4
#ExploitObserverAlert
GHSA-gvwr-5hrc-2gr5
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-GVWR-5HRC-2GR5. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
GHSS: 7.8
GHSA-gvwr-5hrc-2gr5
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-GVWR-5HRC-2GR5. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
GHSS: 7.8
#ExploitObserverAlert
GHSA-j852-mp82-wv2g
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-J852-MP82-WV2G.
GHSS: 5.4
GHSA-j852-mp82-wv2g
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-J852-MP82-WV2G.
GHSS: 5.4
#ExploitObserverAlert
CVE-2021-35247
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-35247. Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.
FIRST-EPSS: 0.008090000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2021-35247
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-35247. Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.
FIRST-EPSS: 0.008090000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-6359
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6359. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
CVE-2023-6359
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6359. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
#ExploitObserverAlert
GHSA-c9g8-fgq6-h2wg
DESCRIPTION: Exploit Observer has 14 entries related to GHSA-C9G8-FGQ6-H2WG. A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database.
GHSS: 9.8
GHSA-c9g8-fgq6-h2wg
DESCRIPTION: Exploit Observer has 14 entries related to GHSA-C9G8-FGQ6-H2WG. A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database.
GHSS: 9.8
#ExploitObserverAlert
GHSA-j683-v94g-h65c
DESCRIPTION: Exploit Observer has 10 entries related to GHSA-J683-V94G-H65C. In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their respective branches, a format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
GHSS: 9.9
GHSA-j683-v94g-h65c
DESCRIPTION: Exploit Observer has 10 entries related to GHSA-J683-V94G-H65C. In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their respective branches, a format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
GHSS: 9.9
#ExploitObserverAlert
CVE-2023-1971
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-1971. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
FIRST-EPSS: 0.000630000
NVD-IS: 3.6
NVD-ES: 1.2
CVE-2023-1971
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-1971. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
FIRST-EPSS: 0.000630000
NVD-IS: 3.6
NVD-ES: 1.2
#ExploitObserverAlert
GHSA-h7rr-pq87-v2r8
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-H7RR-PQ87-V2R8. The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
GHSS: 7.8
GHSA-h7rr-pq87-v2r8
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-H7RR-PQ87-V2R8. The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
GHSS: 7.8
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.009170000
CVE-2023-49103
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.009170000