#ExploitObserverAlert
CVE-2020-12352
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2020-12352. Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
FIRST-EPSS: 0.002190000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-24490
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-24490. Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.
FIRST-EPSS: 0.000620000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-7494
DESCRIPTION: Exploit Observer has 265 entries related to CVE-2017-7494. Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-8715
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2017-8715. The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass".
FIRST-EPSS: 0.000580000
NVD-IS: 3.4
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-18619
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-18619. internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter. NOTE: The product is discontinued.
FIRST-EPSS: 0.005080000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-8210
DESCRIPTION: Exploit Observer has 39 entries related to CVE-2018-8210. A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8213.
FIRST-EPSS: 0.083790000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-0218
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2017-0218. Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0216, and CVE-2017-0219.
FIRST-EPSS: 0.000540000
NVD-IS: 3.4
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-26755
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-26755. This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.
FIRST-EPSS: 0.000560000
NVD-IS: 4.0
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2009-2698
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2009-2698. The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
FIRST-EPSS: 0.000480000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-33592
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-33592. Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information.
FIRST-EPSS: 0.001080000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-32629
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-32629. Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-24512
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-24512. .NET and Visual Studio Remote Code Execution Vulnerability
FIRST-EPSS: 0.017120000
NVD-IS: 3.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-22536
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-22536. SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
FIRST-EPSS: 0.958480000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8927
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2020-8927. A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
FIRST-EPSS: 0.005250000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-29357
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2023-29357. Microsoft SharePoint Server Elevation of Privilege Vulnerability
FIRST-EPSS: 0.761240000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-3611
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-3611. A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.
FIRST-EPSS: 0.000420000
NVD-IS: 4.0
NVD-ES: 2.0
#ExploitObserverAlert
CVE-2023-0461
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2023-0461. There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege.
There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock.
When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.
The setsockopt TCP_ULP operation does not require any privilege.
We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-22213
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-22213. A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari
FIRST-EPSS: 0.001710000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4966
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-23635
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-23635. Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.
FIRST-EPSS: 0.001210000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-3768
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-3768. The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
FIRST-EPSS: 0.015930000
NVD-IS: 5.9
NVD-ES: 2.8