ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
#ExploitObserverAlert

CVE-2015-2545

DESCRIPTION: Exploit Observer has 24 entries related to CVE-2015-2545. Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."

FIRST-EPSS: 0.972610000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert

CVE-2021-34527

DESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability

FIRST-EPSS: 0.967920000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2020-8468

DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-8468. Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

FIRST-EPSS: 0.004520000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2021-21148

DESCRIPTION: Exploit Observer has 18 entries related to CVE-2021-21148. Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

FIRST-EPSS: 0.019330000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2022-20703

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-20703. Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code; Elevate privileges; Execute arbitrary commands; Bypass authentication and authorization protections; Fetch and run unsigned software; Cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory.

FIRST-EPSS: 0.007340000
NVD-IS: 5.9
NVD-ES: 2.5
#ExploitObserverAlert

CVE-2017-5638

DESCRIPTION: Exploit Observer has 345 entries related to CVE-2017-5638. The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a
#ExploitObserverAlert

CVE-2021-40438

DESCRIPTION: Exploit Observer has 72 entries related to CVE-2021-40438. A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

FIRST-EPSS: 0.971780000
NVD-IS: 6.0
NVD-ES: 2.2
#ExploitObserverAlert

CVE-2017-8570

DESCRIPTION: Exploit Observer has 97 entries related to CVE-2017-8570. Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.

FIRST-EPSS: 0.973390000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2019-7304

DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-7304. Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

FIRST-EPSS: 0.367820000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-3153

DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-3153. A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.

FIRST-EPSS: 0.000830000
NVD-IS: 4.0
NVD-ES: 2.0
#ExploitObserverAlert

CVE-2021-21224

DESCRIPTION: Exploit Observer has 20 entries related to CVE-2021-21224. Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

FIRST-EPSS: 0.736520000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2021-22893

DESCRIPTION: Exploit Observer has 21 entries related to CVE-2021-22893. Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.

FIRST-EPSS: 0.967980000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2017-1000486

DESCRIPTION: Exploit Observer has 17 entries related to CVE-2017-1000486. Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution

FIRST-EPSS: 0.968470000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2019-15949

DESCRIPTION: Exploit Observer has 15 entries related to CVE-2019-15949. Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A user logged into Nagios XI with permissions to modify plugins, or the nagios user on the server, can modify the check_plugin executable and insert malicious commands to execute as root.

FIRST-EPSS: 0.519440000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2015-2051

DESCRIPTION: Exploit Observer has 11 entries related to CVE-2015-2051. The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

FIRST-EPSS: 0.971600000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert

CVE-2021-41357

DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-41357. Win32k Elevation of Privilege Vulnerability

FIRST-EPSS: 0.005580000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2023-41993

DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-41993. The issue was addressed with improved checks. This issue is fixed in Safari 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

FIRST-EPSS: 0.006170000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2016-3298

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2016-3298. Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

FIRST-EPSS: 0.958730000
NVD-IS: 3.6
NVD-ES: 1.6
#ExploitObserverAlert

CVE-2021-21985

DESCRIPTION: Exploit Observer has 63 entries related to CVE-2021-21985. The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

FIRST-EPSS: 0.973100000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2023-32409

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-32409. The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

FIRST-EPSS: 0.008510000
NVD-IS: 4.0
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2018-15811

DESCRIPTION: Exploit Observer has 7 entries related to CVE-2018-15811. DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.

FIRST-EPSS: 0.043250000
NVD-IS: 3.6
NVD-ES: 3.9