#ExploitObserverAlert
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20963
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-20963
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-20963. In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
FIRST-EPSS: 0.002240000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-19321
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19321. The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
FIRST-EPSS: 0.001250000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-19321
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19321. The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
FIRST-EPSS: 0.001250000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-30333
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2022-30333. RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
FIRST-EPSS: 0.805220000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-30333
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2022-30333. RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
FIRST-EPSS: 0.805220000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-10561
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2018-10561. An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
FIRST-EPSS: 0.971660000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-10561
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2018-10561. An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
FIRST-EPSS: 0.971660000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-16759
DESCRIPTION: Exploit Observer has 62 entries related to CVE-2019-16759. vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
FIRST-EPSS: 0.975340000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-16759
DESCRIPTION: Exploit Observer has 62 entries related to CVE-2019-16759. vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
FIRST-EPSS: 0.975340000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-6882
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-6882. Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
FIRST-EPSS: 0.007490000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2018-6882
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-6882. Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
FIRST-EPSS: 0.007490000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-2094
DESCRIPTION: Exploit Observer has 93 entries related to CVE-2013-2094. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
FIRST-EPSS: 0.000660000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2013-2094
DESCRIPTION: Exploit Observer has 93 entries related to CVE-2013-2094. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
FIRST-EPSS: 0.000660000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-0175
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-0175. Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
FIRST-EPSS: 0.002860000
NVD-IS: 5.9
NVD-ES: 2.1
CVE-2018-0175
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-0175. Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
FIRST-EPSS: 0.002860000
NVD-IS: 5.9
NVD-ES: 2.1
#ExploitObserverAlert
CVE-2017-3881
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2017-3881. A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-3881
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2017-3881. A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22675
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22675. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.001210000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-22675
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22675. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.001210000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-14558
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2018-14558. An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.
FIRST-EPSS: 0.936190000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-14558
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2018-14558. An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.
FIRST-EPSS: 0.936190000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-3161
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-3161. A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.
FIRST-EPSS: 0.014320000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-3161
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-3161. A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.
FIRST-EPSS: 0.014320000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-0154
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2018-0154. A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-0154
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2018-0154. A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-0386
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-0386
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-0641
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-0641. Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.
FIRST-EPSS: 0.962060000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-0641
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-0641. Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.
FIRST-EPSS: 0.962060000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-29336
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-29336. Win32k Elevation of Privilege Vulnerability
FIRST-EPSS: 0.002000000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-29336
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-29336. Win32k Elevation of Privilege Vulnerability
FIRST-EPSS: 0.002000000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-44698
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-44698. Windows SmartScreen Security Feature Bypass Vulnerability
FIRST-EPSS: 0.013690000
NVD-IS: 2.5
NVD-ES: 2.8
CVE-2022-44698
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-44698. Windows SmartScreen Security Feature Bypass Vulnerability
FIRST-EPSS: 0.013690000
NVD-IS: 2.5
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-1019
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2016-1019. Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
FIRST-EPSS: 0.956080000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-1019
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2016-1019. Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
FIRST-EPSS: 0.956080000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-26318
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-26318. On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
FIRST-EPSS: 0.089690000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-26318
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-26318. On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
FIRST-EPSS: 0.089690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-34484
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-34484. Windows User Profile Service Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001960000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-34484
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-34484. Windows User Profile Service Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001960000
NVD-IS: 5.9
NVD-ES: 1.8