#ExploitObserverAlert
CVE-2023-41061
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41061. A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000700000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-41061
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41061. A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000700000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-1364
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1364. Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.013910000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-1364
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1364. Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.013910000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0145
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0145
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2018-8174
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.974330000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2018-8174
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.974330000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2021-45382
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-45382. A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
FIRST-EPSS: 0.968710000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-45382
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-45382. A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
FIRST-EPSS: 0.968710000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-16928
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-16928. Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
FIRST-EPSS: 0.914660000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-16928
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-16928. Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
FIRST-EPSS: 0.914660000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2011-1889
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2011-1889. The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
FIRST-EPSS: 0.513530000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2011-1889
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2011-1889. The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
FIRST-EPSS: 0.513530000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2019-4716
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2019-4716. IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
FIRST-EPSS: 0.089140000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-4716
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2019-4716. IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
FIRST-EPSS: 0.089140000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-31199
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-31199. Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
FIRST-EPSS: 0.466160000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-31199
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-31199. Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
FIRST-EPSS: 0.466160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-3452
DESCRIPTION: Exploit Observer has 137 entries related to CVE-2020-3452. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
FIRST-EPSS: 0.975290000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-3452
DESCRIPTION: Exploit Observer has 137 entries related to CVE-2020-3452. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
FIRST-EPSS: 0.975290000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-21587
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-21587. Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.965050000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-21587
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-21587. Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.965050000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-0211
DESCRIPTION: Exploit Observer has 80 entries related to CVE-2019-0211. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
FIRST-EPSS: 0.974190000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-0211
DESCRIPTION: Exploit Observer has 80 entries related to CVE-2019-0211. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
FIRST-EPSS: 0.974190000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-23529
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2023-23529. A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000900000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-23529
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2023-23529. A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.000900000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2011-4723
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2011-4723. The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.
FIRST-EPSS: 0.002990000
NVD-IS: 6.9
NVD-ES: 8.0
CVE-2011-4723
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2011-4723. The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.
FIRST-EPSS: 0.002990000
NVD-IS: 6.9
NVD-ES: 8.0
#ExploitObserverAlert
CVE-2023-36884
DESCRIPTION: Exploit Observer has 48 entries related to CVE-2023-36884. Windows Search Remote Code Execution Vulnerability
FIRST-EPSS: 0.479490000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2023-36884
DESCRIPTION: Exploit Observer has 48 entries related to CVE-2023-36884. Windows Search Remote Code Execution Vulnerability
FIRST-EPSS: 0.479490000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2021-28550
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-28550. Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
FIRST-EPSS: 0.634320000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-28550
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-28550. Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
FIRST-EPSS: 0.634320000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-44228
DESCRIPTION: Exploit Observer has 1853 entries related to CVE-2021-44228. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
FIRST-EPSS: 0.974540000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2021-44228
DESCRIPTION: Exploit Observer has 1853 entries related to CVE-2021-44228. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
FIRST-EPSS: 0.974540000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-6352
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2014-6352. Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
FIRST-EPSS: 0.969110000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2014-6352
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2014-6352. Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
FIRST-EPSS: 0.969110000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2018-6065
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2018-6065. Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.903840000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2018-6065
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2018-6065. Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.903840000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-9563
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2016-9563. BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
FIRST-EPSS: 0.918830000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2016-9563
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2016-9563. BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
FIRST-EPSS: 0.918830000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2012-1823
DESCRIPTION: Exploit Observer has 68 entries related to CVE-2012-1823. sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
FIRST-EPSS: 0.974910000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2012-1823
DESCRIPTION: Exploit Observer has 68 entries related to CVE-2012-1823. sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
FIRST-EPSS: 0.974910000
NVD-IS: 6.4
NVD-ES: 10.0