#ExploitObserverAlert
CVE-2016-9563
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2016-9563. BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
FIRST-EPSS: 0.918830000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2016-9563
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2016-9563. BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
FIRST-EPSS: 0.918830000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2012-1823
DESCRIPTION: Exploit Observer has 68 entries related to CVE-2012-1823. sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
FIRST-EPSS: 0.974910000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2012-1823
DESCRIPTION: Exploit Observer has 68 entries related to CVE-2012-1823. sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
FIRST-EPSS: 0.974910000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-17519
DESCRIPTION: Exploit Observer has 98 entries related to CVE-2020-17519. A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
FIRST-EPSS: 0.971700000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-17519
DESCRIPTION: Exploit Observer has 98 entries related to CVE-2020-17519. A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
FIRST-EPSS: 0.971700000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1214
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-1214. An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.001170000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1214
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-1214. An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.001170000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2012-2539
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2012-2539. Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
FIRST-EPSS: 0.732650000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2012-2539
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2012-2539. Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
FIRST-EPSS: 0.732650000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-4966
DESCRIPTION: Exploit Observer has 348 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-4966
DESCRIPTION: Exploit Observer has 348 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-30554
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-30554. Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.017770000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-30554
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-30554. Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.017770000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2012-5076
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2012-5076. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.
FIRST-EPSS: 0.971190000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2012-5076
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2012-5076. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.
FIRST-EPSS: 0.971190000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-0069
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-0069. In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
FIRST-EPSS: 0.001110000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-0069
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-0069. In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
FIRST-EPSS: 0.001110000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-30983
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-30983. A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.000880000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-30983
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-30983. A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.000880000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-11539
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2019-11539. In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.
FIRST-EPSS: 0.971880000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2019-11539
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2019-11539. In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.
FIRST-EPSS: 0.971880000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2021-36741
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-36741. An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product?s management console in order to exploit this vulnerability.
FIRST-EPSS: 0.015970000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-36741
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-36741. An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product?s management console in order to exploit this vulnerability.
FIRST-EPSS: 0.015970000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-5689
DESCRIPTION: Exploit Observer has 82 entries related to CVE-2017-5689. An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
FIRST-EPSS: 0.974160000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-5689
DESCRIPTION: Exploit Observer has 82 entries related to CVE-2017-5689. An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
FIRST-EPSS: 0.974160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1069
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2019-1069. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.004480000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1069
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2019-1069. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.004480000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-9859
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-9859. A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.000700000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-9859
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-9859. A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
FIRST-EPSS: 0.000700000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-26858
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2021-26858. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.555370000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-26858
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2021-26858. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.555370000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-3660
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2013-3660. The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
FIRST-EPSS: 0.000610000
NVD-IS: 10.0
NVD-ES: 3.4
CVE-2013-3660
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2013-3660. The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
FIRST-EPSS: 0.000610000
NVD-IS: 10.0
NVD-ES: 3.4
#ExploitObserverAlert
CVE-2017-12617
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-12617
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2021-38646
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-38646. Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
FIRST-EPSS: 0.012750000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-38646
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-38646. Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
FIRST-EPSS: 0.012750000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2016-4437
DESCRIPTION: Exploit Observer has 64 entries related to CVE-2016-4437. Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.
FIRST-EPSS: 0.975070000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2016-4437
DESCRIPTION: Exploit Observer has 64 entries related to CVE-2016-4437. Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.
FIRST-EPSS: 0.975070000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2019-13720
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-13720. Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.974200000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-13720
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-13720. Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.974200000
NVD-IS: 5.9
NVD-ES: 2.8