#ExploitObserverAlert
CVE-2020-11738
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2020-11738. The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
FIRST-EPSS: 0.974300000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-11738
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2020-11738. The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
FIRST-EPSS: 0.974300000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-7609
DESCRIPTION: Exploit Observer has 70 entries related to CVE-2019-7609. Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
FIRST-EPSS: 0.963650000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2019-7609
DESCRIPTION: Exploit Observer has 70 entries related to CVE-2019-7609. Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
FIRST-EPSS: 0.963650000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-21551
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2021-21551. Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
FIRST-EPSS: 0.001540000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-21551
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2021-21551. Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
FIRST-EPSS: 0.001540000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2016-6415
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2016-6415. The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
FIRST-EPSS: 0.973180000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2016-6415
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2016-6415. The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
FIRST-EPSS: 0.973180000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2013-1331
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2013-1331. Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
FIRST-EPSS: 0.968470000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-1331
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2013-1331. Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
FIRST-EPSS: 0.968470000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2022-2856
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-2856. Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.
FIRST-EPSS: 0.003730000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-2856
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-2856. Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.
FIRST-EPSS: 0.003730000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-33771
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-33771. Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-33771
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-33771. Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-0688
DESCRIPTION: Exploit Observer has 150 entries related to CVE-2020-0688. A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
FIRST-EPSS: 0.972010000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-0688
DESCRIPTION: Exploit Observer has 150 entries related to CVE-2020-0688. A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
FIRST-EPSS: 0.972010000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-12235
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12235. A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-12235
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12235. A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-25369
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-25369. An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.
FIRST-EPSS: 0.001180000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2021-25369
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-25369. An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.
FIRST-EPSS: 0.001180000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-23131
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2022-23131. In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
FIRST-EPSS: 0.969280000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-23131
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2022-23131. In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
FIRST-EPSS: 0.969280000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-2545
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2015-2545. Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."
FIRST-EPSS: 0.972610000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2015-2545
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2015-2545. Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."
FIRST-EPSS: 0.972610000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-34527
DESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.967920000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-34527
DESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.967920000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-8468
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-8468. Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.
FIRST-EPSS: 0.004520000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-8468
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-8468. Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.
FIRST-EPSS: 0.004520000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-21148
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2021-21148. Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.019330000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-21148
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2021-21148. Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.019330000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-20703
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-20703. Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.
FIRST-EPSS: 0.007340000
NVD-IS: 5.9
NVD-ES: 2.5
CVE-2022-20703
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-20703. Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.
FIRST-EPSS: 0.007340000
NVD-IS: 5.9
NVD-ES: 2.5
#ExploitObserverAlert
CVE-2017-5638
DESCRIPTION: Exploit Observer has 345 entries related to CVE-2017-5638. The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a
CVE-2017-5638
DESCRIPTION: Exploit Observer has 345 entries related to CVE-2017-5638. The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a
#ExploitObserverAlert
CVE-2021-40438
DESCRIPTION: Exploit Observer has 72 entries related to CVE-2021-40438. A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
FIRST-EPSS: 0.971780000
NVD-IS: 6.0
NVD-ES: 2.2
CVE-2021-40438
DESCRIPTION: Exploit Observer has 72 entries related to CVE-2021-40438. A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
FIRST-EPSS: 0.971780000
NVD-IS: 6.0
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2017-8570
DESCRIPTION: Exploit Observer has 97 entries related to CVE-2017-8570. Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.
FIRST-EPSS: 0.973390000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-8570
DESCRIPTION: Exploit Observer has 97 entries related to CVE-2017-8570. Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.
FIRST-EPSS: 0.973390000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-7304
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-7304. Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
FIRST-EPSS: 0.367820000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-7304
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-7304. Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
FIRST-EPSS: 0.367820000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-3153
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-3153. A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
FIRST-EPSS: 0.000830000
NVD-IS: 4.0
NVD-ES: 2.0
CVE-2020-3153
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-3153. A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
FIRST-EPSS: 0.000830000
NVD-IS: 4.0
NVD-ES: 2.0