#ExploitObserverAlert
CVE-2012-0518
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2012-0518. Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
FIRST-EPSS: 0.004750000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2012-0518
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2012-0518. Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
FIRST-EPSS: 0.004750000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-37450
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-37450. The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001020000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-37450
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-37450. The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001020000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2019-7194
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2019-7194. This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
FIRST-EPSS: 0.970700000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-7194
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2019-7194. This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
FIRST-EPSS: 0.970700000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-38831
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2023-38831. RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
FIRST-EPSS: 0.234040000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-38831
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2023-38831. RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
FIRST-EPSS: 0.234040000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-3900
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2013-3900. The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
FIRST-EPSS: 0.414100000
NVD-IS: 10.0
NVD-ES: 4.9
CVE-2013-3900
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2013-3900. The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
FIRST-EPSS: 0.414100000
NVD-IS: 10.0
NVD-ES: 4.9
#ExploitObserverAlert
CVE-2018-11138
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-11138. The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
FIRST-EPSS: 0.911510000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-11138
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-11138. The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
FIRST-EPSS: 0.911510000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-38406
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-38406. Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
FIRST-EPSS: 0.929090000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-38406
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-38406. Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
FIRST-EPSS: 0.929090000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-1003030
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2019-1003030. A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.006590000
NVD-IS: 6.0
NVD-ES: 3.1
CVE-2019-1003030
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2019-1003030. A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.006590000
NVD-IS: 6.0
NVD-ES: 3.1
#ExploitObserverAlert
CVE-2018-2380
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-2380. SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
FIRST-EPSS: 0.027900000
NVD-IS: 3.7
NVD-ES: 2.3
CVE-2018-2380
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-2380. SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
FIRST-EPSS: 0.027900000
NVD-IS: 3.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2015-4852
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2015-4852. The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
FIRST-EPSS: 0.966900000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2015-4852
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2015-4852. The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
FIRST-EPSS: 0.966900000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20963
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-20963
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-19321
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19321. The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
FIRST-EPSS: 0.001250000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-19321
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19321. The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
FIRST-EPSS: 0.001250000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-30333
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2022-30333. RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
FIRST-EPSS: 0.805220000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-30333
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2022-30333. RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
FIRST-EPSS: 0.805220000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-10561
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2018-10561. An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
FIRST-EPSS: 0.971660000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-10561
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2018-10561. An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
FIRST-EPSS: 0.971660000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-16759
DESCRIPTION: Exploit Observer has 62 entries related to CVE-2019-16759. vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
FIRST-EPSS: 0.975340000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-16759
DESCRIPTION: Exploit Observer has 62 entries related to CVE-2019-16759. vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
FIRST-EPSS: 0.975340000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-6882
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-6882. Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
FIRST-EPSS: 0.007490000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2018-6882
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-6882. Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
FIRST-EPSS: 0.007490000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-2094
DESCRIPTION: Exploit Observer has 93 entries related to CVE-2013-2094. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
FIRST-EPSS: 0.000660000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2013-2094
DESCRIPTION: Exploit Observer has 93 entries related to CVE-2013-2094. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
FIRST-EPSS: 0.000660000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-0175
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-0175. Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
FIRST-EPSS: 0.002860000
NVD-IS: 5.9
NVD-ES: 2.1
CVE-2018-0175
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-0175. Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
FIRST-EPSS: 0.002860000
NVD-IS: 5.9
NVD-ES: 2.1
#ExploitObserverAlert
CVE-2017-3881
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2017-3881. A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-3881
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2017-3881. A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22675
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22675. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.001210000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-22675
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22675. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.001210000
NVD-IS: 5.9
NVD-ES: 1.8