#ExploitObserverAlert
CVE-2021-30665
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-30665. A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.002910000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-30665
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-30665. A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.002910000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-14883
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-14883. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2020-14883
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-14883. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2020-12641
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-12641. rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
FIRST-EPSS: 0.076610000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-12641
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-12641. rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
FIRST-EPSS: 0.076610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-7262
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2016-7262. Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."
FIRST-EPSS: 0.927320000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-7262
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2016-7262. Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."
FIRST-EPSS: 0.927320000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-9907
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-9907. A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.001880000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-9907
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-9907. A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.001880000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-16256
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-16256. Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
FIRST-EPSS: 0.044170000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-16256
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-16256. Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
FIRST-EPSS: 0.044170000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-11652
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
FIRST-EPSS: 0.973530000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2020-11652
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
FIRST-EPSS: 0.973530000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-26923
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.006670000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-26923
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.006670000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-3897
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2013-3897. Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
FIRST-EPSS: 0.964320000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-3897
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2013-3897. Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
FIRST-EPSS: 0.964320000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2018-10933
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2018-10933. A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
FIRST-EPSS: 0.111640000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2018-10933
DESCRIPTION: Exploit Observer has 110 entries related to CVE-2018-10933. A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
FIRST-EPSS: 0.111640000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1064
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2019-1064. An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.888110000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1064
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2019-1064. An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.888110000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-8651
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2015-8651. Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK
CVE-2015-8651
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2015-8651. Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK
#ExploitObserverAlert
CVE-2020-3118
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-3118. A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
FIRST-EPSS: 0.002190000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-3118
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-3118. A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
FIRST-EPSS: 0.002190000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-30807
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-30807. A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-30807
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-30807. A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-3493
DESCRIPTION: Exploit Observer has 83 entries related to CVE-2021-3493. The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
FIRST-EPSS: 0.005820000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-3493
DESCRIPTION: Exploit Observer has 83 entries related to CVE-2021-3493. The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
FIRST-EPSS: 0.005820000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-41678
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler
CVE-2022-41678
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler
#ExploitObserverAlert
CVE-2020-0796
DESCRIPTION: Exploit Observer has 376 entries related to CVE-2020-0796. A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.974840000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2020-0796
DESCRIPTION: Exploit Observer has 376 entries related to CVE-2020-0796. A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.974840000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-4863
DESCRIPTION: Exploit Observer has 65 entries related to CVE-2023-4863. Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
FIRST-EPSS: 0.410100000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4863
DESCRIPTION: Exploit Observer has 65 entries related to CVE-2023-4863. Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
FIRST-EPSS: 0.410100000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-24086
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2022-24086. Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
FIRST-EPSS: 0.264450000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-24086
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2022-24086. Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
FIRST-EPSS: 0.264450000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-1147
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-1147. A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.904190000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-1147
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-1147. A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.904190000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2014-0160
DESCRIPTION: Exploit Observer has 660 entries related to CVE-2014-0160. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
FIRST-EPSS: 0.975310000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2014-0160
DESCRIPTION: Exploit Observer has 660 entries related to CVE-2014-0160. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
FIRST-EPSS: 0.975310000
NVD-IS: 3.6
NVD-ES: 3.9