#ExploitObserverAlert
CVE-2022-24512
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-24512. .NET and Visual Studio Remote Code Execution Vulnerability
FIRST-EPSS: 0.017120000
NVD-IS: 3.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-22536
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-22536. SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
FIRST-EPSS: 0.958480000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8927
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2020-8927. A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
FIRST-EPSS: 0.005250000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-29357
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2023-29357. Microsoft SharePoint Server Elevation of Privilege Vulnerability
FIRST-EPSS: 0.761240000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-3611
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-3611. A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.
FIRST-EPSS: 0.000420000
NVD-IS: 4.0
NVD-ES: 2.0
#ExploitObserverAlert
CVE-2023-0461
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2023-0461. There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability, kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege.
There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock.
When CONFIG_TLS is enabled, a user can install a TLS context (struct tls_context) on a connected TCP socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.
The setsockopt TCP_ULP operation does not require any privilege.
We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-22213
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-22213. A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari.
FIRST-EPSS: 0.001710000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4966
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-23635
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-23635. Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker to send a specially crafted message that crashes the control plane. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.
FIRST-EPSS: 0.001210000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-3768
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-3768. The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author.
FIRST-EPSS: 0.015930000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-1721
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2021-1721. .NET Core and Visual Studio Denial of Service Vulnerability
FIRST-EPSS: 0.001680000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-1067
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2020-1067. A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
FIRST-EPSS: 0.012660000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-22515
DESCRIPTION: Exploit Observer has 209 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-13954
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2020-13954. By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject JavaScript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.
FIRST-EPSS: 0.165290000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-12446
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-12446. The ene.sys driver in G.SKILL Trident Z Lighting Control through 1.00.08 exposes mapping and un-mapping of physical memory, reading and writing to Model Specific Register (MSR) registers, and input from and output to I/O ports to local non-privileged users. This leads to privilege escalation to NT AUTHORITY\SYSTEM.
FIRST-EPSS: 0.000440000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-1472
DESCRIPTION: Exploit Observer has 406 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.974540000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-27191
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2022-27191. The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
FIRST-EPSS: 0.002530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-36760
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-36760. Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.54 and prior versions.
FIRST-EPSS: 0.013020000
NVD-IS: 6.0
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2012-4360
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-4360. Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
FIRST-EPSS: 0.002000000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2022-22978
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2022-22978. In Spring Security versions prior to 5.4.11, 5.5.7, 5.6.4 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
FIRST-EPSS: 0.011580000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-37436
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-37436. Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
FIRST-EPSS: 0.000440000
NVD-IS: 1.4
NVD-ES: 3.9