#ExploitObserverAlert
CVE-2018-0154
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2018-0154. A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-0154
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2018-0154. A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-0386
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-0386
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-0641
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-0641. Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.
FIRST-EPSS: 0.962060000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-0641
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-0641. Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.
FIRST-EPSS: 0.962060000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-29336
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-29336. Win32k Elevation of Privilege Vulnerability
FIRST-EPSS: 0.002000000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-29336
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-29336. Win32k Elevation of Privilege Vulnerability
FIRST-EPSS: 0.002000000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-44698
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-44698. Windows SmartScreen Security Feature Bypass Vulnerability
FIRST-EPSS: 0.013690000
NVD-IS: 2.5
NVD-ES: 2.8
CVE-2022-44698
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-44698. Windows SmartScreen Security Feature Bypass Vulnerability
FIRST-EPSS: 0.013690000
NVD-IS: 2.5
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-1019
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2016-1019. Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
FIRST-EPSS: 0.956080000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-1019
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2016-1019. Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
FIRST-EPSS: 0.956080000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-26318
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-26318. On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
FIRST-EPSS: 0.089690000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-26318
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-26318. On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
FIRST-EPSS: 0.089690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-34484
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-34484. Windows User Profile Service Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001960000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-34484
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-34484. Windows User Profile Service Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001960000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-6316
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-6316. Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
FIRST-EPSS: 0.961680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-6316
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-6316. Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
FIRST-EPSS: 0.961680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-1879
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-1879. This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.002140000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2021-1879
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-1879. This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.002140000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-0431
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2013-0431. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.
FIRST-EPSS: 0.974880000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2013-0431
DESCRIPTION: Exploit Observer has 23 entries related to CVE-2013-0431. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.
FIRST-EPSS: 0.974880000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-3433
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-3433. A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.
FIRST-EPSS: 0.000770000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-3433
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-3433. A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.
FIRST-EPSS: 0.000770000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-8506
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2019-8506. A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
FIRST-EPSS: 0.074720000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-8506
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2019-8506. A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
FIRST-EPSS: 0.074720000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-36260
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2021-36260. A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
FIRST-EPSS: 0.975060000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-36260
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2021-36260. A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
FIRST-EPSS: 0.975060000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-28205
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-28205. A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-28205
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-28205. A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2009-3960
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2009-3960. Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
FIRST-EPSS: 0.969230000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2009-3960
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2009-3960. Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
FIRST-EPSS: 0.969230000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2013-2251
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2013-2251. Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
FIRST-EPSS: 0.974320000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-2251
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2013-2251. Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
FIRST-EPSS: 0.974320000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2017-6742
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-6742. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve54313.
FIRST-EPSS: 0.006270000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6742
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-6742. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve54313.
FIRST-EPSS: 0.006270000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-15999
DESCRIPTION: Exploit Observer has 31 entries related to CVE-2020-15999. Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.052940000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2020-15999
DESCRIPTION: Exploit Observer has 31 entries related to CVE-2020-15999. Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.052940000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-4427
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-4427. IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.
FIRST-EPSS: 0.009980000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-4427
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-4427. IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.
FIRST-EPSS: 0.009980000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2013-0625
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-0625. Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
FIRST-EPSS: 0.861850000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2013-0625
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-0625. Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
FIRST-EPSS: 0.861850000
NVD-IS: 6.4
NVD-ES: 8.6