#ExploitObserverAlert
CVE-2017-0143
DESCRIPTION: Exploit Observer has 160 entries related to CVE-2017-0143. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.973010000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0143
DESCRIPTION: Exploit Observer has 160 entries related to CVE-2017-0143. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.973010000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2018-2628
DESCRIPTION: Exploit Observer has 114 entries related to CVE-2018-2628. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975090000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-2628
DESCRIPTION: Exploit Observer has 114 entries related to CVE-2018-2628. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975090000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-41033
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-41033. Windows COM Event System Service Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-41033
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-41033. Windows COM Event System Service Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-27877
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-27877. An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.
FIRST-EPSS: 0.631890000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-27877
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-27877. An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.
FIRST-EPSS: 0.631890000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-1871
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-1871. A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.007260000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-1871
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-1871. A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.007260000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2013-2597
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2013-2597. Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.
FIRST-EPSS: 0.001570000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2013-2597
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2013-2597. Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.
FIRST-EPSS: 0.001570000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-10758
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2019-10758. mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment.
FIRST-EPSS: 0.974290000
NVD-IS: 6.0
NVD-ES: 3.1
CVE-2019-10758
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2019-10758. mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment.
FIRST-EPSS: 0.974290000
NVD-IS: 6.0
NVD-ES: 3.1
#ExploitObserverAlert
CVE-2022-27924
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-27924. Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries.
FIRST-EPSS: 0.096650000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-27924
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-27924. Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries.
FIRST-EPSS: 0.096650000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-0518
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2012-0518. Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
FIRST-EPSS: 0.004750000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2012-0518
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2012-0518. Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
FIRST-EPSS: 0.004750000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-37450
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-37450. The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001020000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-37450
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-37450. The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001020000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2019-7194
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2019-7194. This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
FIRST-EPSS: 0.970700000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-7194
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2019-7194. This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
FIRST-EPSS: 0.970700000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-38831
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2023-38831. RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
FIRST-EPSS: 0.234040000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-38831
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2023-38831. RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
FIRST-EPSS: 0.234040000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-3900
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2013-3900. The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
FIRST-EPSS: 0.414100000
NVD-IS: 10.0
NVD-ES: 4.9
CVE-2013-3900
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2013-3900. The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
FIRST-EPSS: 0.414100000
NVD-IS: 10.0
NVD-ES: 4.9
#ExploitObserverAlert
CVE-2018-11138
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-11138. The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
FIRST-EPSS: 0.911510000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-11138
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-11138. The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
FIRST-EPSS: 0.911510000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-38406
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-38406. Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
FIRST-EPSS: 0.929090000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-38406
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-38406. Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
FIRST-EPSS: 0.929090000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-1003030
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2019-1003030. A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.006590000
NVD-IS: 6.0
NVD-ES: 3.1
CVE-2019-1003030
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2019-1003030. A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.006590000
NVD-IS: 6.0
NVD-ES: 3.1
#ExploitObserverAlert
CVE-2018-2380
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-2380. SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
FIRST-EPSS: 0.027900000
NVD-IS: 3.7
NVD-ES: 2.3
CVE-2018-2380
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-2380. SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
FIRST-EPSS: 0.027900000
NVD-IS: 3.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2015-4852
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2015-4852. The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
FIRST-EPSS: 0.966900000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2015-4852
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2015-4852. The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
FIRST-EPSS: 0.966900000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20963
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-20963
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-19321
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19321. The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
FIRST-EPSS: 0.001250000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-19321
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19321. The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
FIRST-EPSS: 0.001250000
NVD-IS: 5.9
NVD-ES: 1.8