#ExploitObserverAlert
CVE-2017-12615
DESCRIPTION: Exploit Observer has 99 entries related to CVE-2017-12615. When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.969230000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-12615
DESCRIPTION: Exploit Observer has 99 entries related to CVE-2017-12615. When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.969230000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2021-22506
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-22506. Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.
FIRST-EPSS: 0.003760000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-22506
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-22506. Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.
FIRST-EPSS: 0.003760000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20887
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-20887. Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
FIRST-EPSS: 0.952390000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-20887
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-20887. Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
FIRST-EPSS: 0.952390000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-0708
DESCRIPTION: Exploit Observer has 459 entries related to CVE-2019-0708. A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.974960000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-0708
DESCRIPTION: Exploit Observer has 459 entries related to CVE-2019-0708. A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.974960000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20273
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-20273. A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
FIRST-EPSS: 0.060170000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2023-20273
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-20273. A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
FIRST-EPSS: 0.060170000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2017-12232
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12232. A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.
FIRST-EPSS: 0.001600000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2017-12232
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12232. A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.
FIRST-EPSS: 0.001600000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-3837
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-3837. A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.001350000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-3837
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-3837. A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.001350000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-32917
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-32917. The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.000590000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-32917
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-32917. The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.000590000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2014-0322
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2014-0322. Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.
FIRST-EPSS: 0.974590000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2014-0322
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2014-0322. Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.
FIRST-EPSS: 0.974590000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-27104
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-27104. Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.
FIRST-EPSS: 0.007790000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-27104
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-27104. Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.
FIRST-EPSS: 0.007790000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-2360
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2015-2360. win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.000840000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2015-2360
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2015-2360. win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.000840000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-31207
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2021-31207. Microsoft Exchange Server Security Feature Bypass Vulnerability
FIRST-EPSS: 0.952100000
NVD-IS: 5.9
NVD-ES: 0.7
CVE-2021-31207
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2021-31207. Microsoft Exchange Server Security Feature Bypass Vulnerability
FIRST-EPSS: 0.952100000
NVD-IS: 5.9
NVD-ES: 0.7
#ExploitObserverAlert
CVE-2017-6334
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-6334. dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.
FIRST-EPSS: 0.962270000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6334
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-6334. dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.
FIRST-EPSS: 0.962270000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-21193
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-21193. Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.009190000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-21193
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-21193. Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.009190000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-6738
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-6738. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638.
FIRST-EPSS: 0.007960000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6738
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-6738. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638.
FIRST-EPSS: 0.007960000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-9805
DESCRIPTION: Exploit Observer has 146 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-9805
DESCRIPTION: Exploit Observer has 146 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-8515
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2020-8515. DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
FIRST-EPSS: 0.969210000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-8515
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2020-8515. DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
FIRST-EPSS: 0.969210000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-30713
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-30713. A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.005750000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-30713
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-30713. A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.005750000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-1385
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2019-1385. An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.004870000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1385
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2019-1385. An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.004870000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-3396
DESCRIPTION: Exploit Observer has 109 entries related to CVE-2019-3396. The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
FIRST-EPSS: 0.975040000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-3396
DESCRIPTION: Exploit Observer has 109 entries related to CVE-2019-3396. The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
FIRST-EPSS: 0.975040000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-22899
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-22899. A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
FIRST-EPSS: 0.002870000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-22899
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-22899. A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
FIRST-EPSS: 0.002870000
NVD-IS: 5.9
NVD-ES: 2.8