#ExploitObserverAlert
CVE-2022-41125
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-41125. Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-41125
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-41125. Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-11774
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-11774. Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."
FIRST-EPSS: 0.862350000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-11774
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-11774. Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."
FIRST-EPSS: 0.862350000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-8644
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2020-8644. PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
FIRST-EPSS: 0.958010000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-8644
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2020-8644. PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
FIRST-EPSS: 0.958010000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-14750
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2020-14750. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975530000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-14750
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2020-14750. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975530000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-47246
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-47246. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
FIRST-EPSS: 0.667970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-47246
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-47246. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
FIRST-EPSS: 0.667970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-17144
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2020-17144. Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.
FIRST-EPSS: 0.266280000
NVD-IS: 6.0
NVD-ES: 1.7
CVE-2020-17144
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2020-17144. Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.
FIRST-EPSS: 0.266280000
NVD-IS: 6.0
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2021-30632
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-30632. Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.663980000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-30632
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-30632. Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.663980000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-41064
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-41064. A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.003300000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-41064
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-41064. A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.003300000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-41061
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41061. A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000700000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-41061
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41061. A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000700000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-1364
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1364. Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.013910000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-1364
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1364. Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.013910000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0145
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0145
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2018-8174
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.974330000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2018-8174
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.974330000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2021-45382
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-45382. A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
FIRST-EPSS: 0.968710000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-45382
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-45382. A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
FIRST-EPSS: 0.968710000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-16928
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-16928. Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
FIRST-EPSS: 0.914660000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-16928
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-16928. Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
FIRST-EPSS: 0.914660000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2011-1889
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2011-1889. The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
FIRST-EPSS: 0.513530000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2011-1889
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2011-1889. The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
FIRST-EPSS: 0.513530000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2019-4716
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2019-4716. IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
FIRST-EPSS: 0.089140000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-4716
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2019-4716. IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
FIRST-EPSS: 0.089140000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-31199
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-31199. Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
FIRST-EPSS: 0.466160000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-31199
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-31199. Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
FIRST-EPSS: 0.466160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-3452
DESCRIPTION: Exploit Observer has 137 entries related to CVE-2020-3452. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
FIRST-EPSS: 0.975290000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-3452
DESCRIPTION: Exploit Observer has 137 entries related to CVE-2020-3452. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
FIRST-EPSS: 0.975290000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-21587
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-21587. Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.965050000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-21587
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-21587. Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.965050000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-0211
DESCRIPTION: Exploit Observer has 80 entries related to CVE-2019-0211. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
FIRST-EPSS: 0.974190000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-0211
DESCRIPTION: Exploit Observer has 80 entries related to CVE-2019-0211. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
FIRST-EPSS: 0.974190000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-23529
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2023-23529. A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000900000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-23529
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2023-23529. A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000900000
NVD-IS: 5.9
NVD-ES: 2.8