#ExploitObserverAlert
CVE-2022-41128
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-41128. Windows Scripting Languages Remote Code Execution Vulnerability
FIRST-EPSS: 0.209220000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-41128
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-41128. Windows Scripting Languages Remote Code Execution Vulnerability
FIRST-EPSS: 0.209220000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2014-0196
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2014-0196. The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO
CVE-2014-0196
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2014-0196. The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO
#ExploitObserverAlert
CVE-2016-5195
DESCRIPTION: Exploit Observer has 561 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-5195
DESCRIPTION: Exploit Observer has 561 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2009-0563
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2009-0563. Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability."
FIRST-EPSS: 0.863270000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2009-0563
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2009-0563. Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability."
FIRST-EPSS: 0.863270000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2019-0903
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-0903. A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.041510000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-0903
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-0903. A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.041510000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-0938
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-0938. A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1020.
FIRST-EPSS: 0.939960000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-0938
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-0938. A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1020.
FIRST-EPSS: 0.939960000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-30190
DESCRIPTION: Exploit Observer has 317 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.973000000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-30190
DESCRIPTION: Exploit Observer has 317 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.973000000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-30883
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2021-30883. A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.001940000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-30883
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2021-30883. A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.001940000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2012-2034
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-2034. Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.
FIRST-EPSS: 0.014240000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2012-2034
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-2034. Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.
FIRST-EPSS: 0.014240000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-30665
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-30665. A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.002910000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-30665
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-30665. A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.002910000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-14883
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-14883. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2020-14883
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-14883. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2020-12641
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-12641. rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
FIRST-EPSS: 0.076610000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-12641
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-12641. rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
FIRST-EPSS: 0.076610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-7262
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2016-7262. Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."
FIRST-EPSS: 0.927320000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-7262
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2016-7262. Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."
FIRST-EPSS: 0.927320000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-9907
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-9907. A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.001880000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-9907
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-9907. A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.001880000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-16256
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-16256. Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
FIRST-EPSS: 0.044170000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-16256
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-16256. Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
FIRST-EPSS: 0.044170000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-11652
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
FIRST-EPSS: 0.973530000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2020-11652
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
FIRST-EPSS: 0.973530000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-26923
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.006670000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-26923
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.006670000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-3897
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2013-3897. Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
FIRST-EPSS: 0.964320000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-3897
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2013-3897. Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
FIRST-EPSS: 0.964320000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2018-10933
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2018-10933. A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
FIRST-EPSS: 0.111640000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2018-10933
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2018-10933. A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
FIRST-EPSS: 0.111640000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1064
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2019-1064. An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.888110000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1064
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2019-1064. An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.888110000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-8651
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2015-8651. Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK
CVE-2015-8651
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2015-8651. Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK