#ExploitObserverAlert
CVE-2018-19320
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2018-19320. The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
FIRST-EPSS: 0.001850000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-19320
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2018-19320. The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
FIRST-EPSS: 0.001850000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2016-7255
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2016-7255. The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.011530000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-7255
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2016-7255. The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.011530000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-5122
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2015-5122. Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
FIRST-EPSS: 0.973610000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2015-5122
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2015-5122. Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
FIRST-EPSS: 0.973610000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2016-0752
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2016-0752. Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
FIRST-EPSS: 0.973610000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2016-0752
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2016-0752. Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
FIRST-EPSS: 0.973610000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-1130
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2015-1130. The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
FIRST-EPSS: 0.000470000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2015-1130
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2015-1130. The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
FIRST-EPSS: 0.000470000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-11776
DESCRIPTION: Exploit Observer has 175 entries related to CVE-2018-11776. Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
FIRST-EPSS: 0.975500000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2018-11776
DESCRIPTION: Exploit Observer has 175 entries related to CVE-2018-11776. Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
FIRST-EPSS: 0.975500000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2017-8464
DESCRIPTION: Exploit Observer has 112 entries related to CVE-2017-8464. Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
FIRST-EPSS: 0.974560000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-8464
DESCRIPTION: Exploit Observer has 112 entries related to CVE-2017-8464. Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
FIRST-EPSS: 0.974560000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-0171
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2018-0171. A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.
FIRST-EPSS: 0.816680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-0171
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2018-0171. A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.
FIRST-EPSS: 0.816680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-30858
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2021-30858. A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.007920000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-30858
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2021-30858. A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.007920000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-19943
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2018-19943. If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later
FIRST-EPSS: 0.001760000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2018-19943
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2018-19943. If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later
FIRST-EPSS: 0.001760000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2021-21220
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2021-21220. Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.969930000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-21220
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2021-21220. Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.969930000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-26352
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2022-26352. An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.
FIRST-EPSS: 0.974840000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-26352
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2022-26352. An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.
FIRST-EPSS: 0.974840000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-8581
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2018-8581. An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
FIRST-EPSS: 0.038350000
NVD-IS: 5.2
NVD-ES: 2.2
CVE-2018-8581
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2018-8581. An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
FIRST-EPSS: 0.038350000
NVD-IS: 5.2
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-41991
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-41991. A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
FIRST-EPSS: 0.007460000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-41991
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-41991. A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
FIRST-EPSS: 0.007460000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-39793
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-39793. In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A
FIRST-EPSS: 0.000670000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-39793
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-39793. In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A
FIRST-EPSS: 0.000670000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-0798
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2018-0798. Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
FIRST-EPSS: 0.938570000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2018-0798
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2018-0798. Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
FIRST-EPSS: 0.938570000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0143
DESCRIPTION: Exploit Observer has 160 entries related to CVE-2017-0143. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.973010000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0143
DESCRIPTION: Exploit Observer has 160 entries related to CVE-2017-0143. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.973010000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2018-2628
DESCRIPTION: Exploit Observer has 114 entries related to CVE-2018-2628. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975090000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-2628
DESCRIPTION: Exploit Observer has 114 entries related to CVE-2018-2628. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975090000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-41033
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-41033. Windows COM Event System Service Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-41033
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-41033. Windows COM Event System Service Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-27877
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-27877. An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.
FIRST-EPSS: 0.631890000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-27877
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-27877. An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.
FIRST-EPSS: 0.631890000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-1871
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-1871. A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.007260000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-1871
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-1871. A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.007260000
NVD-IS: 5.9
NVD-ES: 3.9