#ExploitObserverAlert
CVE-2015-1635
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2015-1635. HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
FIRST-EPSS: 0.975590000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2015-1635
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2015-1635. HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
FIRST-EPSS: 0.975590000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-0986
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-0986. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
FIRST-EPSS: 0.000560000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-0986
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-0986. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
FIRST-EPSS: 0.000560000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-25296
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-25296. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
FIRST-EPSS: 0.888680000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-25296
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-25296. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
FIRST-EPSS: 0.888680000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-6884
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2017-6884. A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
FIRST-EPSS: 0.973780000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6884
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2017-6884. A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
FIRST-EPSS: 0.973780000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0262
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2017-0262. Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.
FIRST-EPSS: 0.354390000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-0262
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2017-0262. Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.
FIRST-EPSS: 0.354390000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-27350
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2023-27350. This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
FIRST-EPSS: 0.972290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-27350
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2023-27350. This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
FIRST-EPSS: 0.972290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-9978
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2019-9978. The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
FIRST-EPSS: 0.973230000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-9978
DESCRIPTION: Exploit Observer has 34 entries related to CVE-2019-9978. The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
FIRST-EPSS: 0.973230000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-0174
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-0174. A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuh91645.
FIRST-EPSS: 0.009360000
NVD-IS: 4.0
NVD-ES: 3.9
CVE-2018-0174
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-0174. A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuh91645.
FIRST-EPSS: 0.009360000
NVD-IS: 4.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-30116
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-30116. Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client for Windows and installs it, the file KaseyaD.ini is generated (C:\Program Files (x86)\Kaseya\XXXXXXXXXX\KaseyaD.ini) which contains an Agent_Guid and AgentPassword This Agent_Guid and AgentPassword can be used to log in on dl.asp (https://x.x.x.x/dl.asp?un=840997037507813
CVE-2021-30116
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-30116. Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client for Windows and installs it, the file KaseyaD.ini is generated (C:\Program Files (x86)\Kaseya\XXXXXXXXXX\KaseyaD.ini) which contains an Agent_Guid and AgentPassword This Agent_Guid and AgentPassword can be used to log in on dl.asp (https://x.x.x.x/dl.asp?un=840997037507813
#ExploitObserverAlert
CVE-2022-3075
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-3075. Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.006370000
NVD-IS: 6.0
NVD-ES: 2.8
CVE-2022-3075
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-3075. Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.006370000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-36804
DESCRIPTION: Exploit Observer has 83 entries related to CVE-2022-36804. Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
FIRST-EPSS: 0.971360000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-36804
DESCRIPTION: Exploit Observer has 83 entries related to CVE-2022-36804. Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
FIRST-EPSS: 0.971360000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-6740
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-6740. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601.
FIRST-EPSS: 0.007960000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6740
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-6740. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601.
FIRST-EPSS: 0.007960000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-9822
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2017-9822. DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
FIRST-EPSS: 0.960980000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-9822
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2017-9822. DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
FIRST-EPSS: 0.960980000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2014-4404
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2014-4404. Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
FIRST-EPSS: 0.005100000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2014-4404
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2014-4404. Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
FIRST-EPSS: 0.005100000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-3560
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
FIRST-EPSS: 0.011770000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-3560
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
FIRST-EPSS: 0.011770000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-17621
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2019-17621. The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
FIRST-EPSS: 0.971330000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-17621
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2019-17621. The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
FIRST-EPSS: 0.971330000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-19949
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2018-19949. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.
FIRST-EPSS: 0.006720000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-19949
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2018-19949. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.
FIRST-EPSS: 0.006720000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-5631
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5631. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code.
FIRST-EPSS: 0.009860000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2023-5631
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5631. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code.
FIRST-EPSS: 0.009860000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2002-0367
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2002-0367. smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
FIRST-EPSS: 0.000920000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2002-0367
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2002-0367. smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
FIRST-EPSS: 0.000920000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-33766
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-33766. Microsoft Exchange Information Disclosure Vulnerability
FIRST-EPSS: 0.930380000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-33766
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-33766. Microsoft Exchange Information Disclosure Vulnerability
FIRST-EPSS: 0.930380000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-42793
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2023-42793. In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-42793
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2023-42793. In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9