#ExploitObserverAlert
CVE-2019-1315
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2019-1315. An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.
FIRST-EPSS: 0.921340000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1315
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2019-1315. An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.
FIRST-EPSS: 0.921340000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-41082
DESCRIPTION: Exploit Observer has 94 entries related to CVE-2022-41082. Microsoft Exchange Server Remote Code Execution Vulnerability.
FIRST-EPSS: 0.969490000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-41082
DESCRIPTION: Exploit Observer has 94 entries related to CVE-2022-41082. Microsoft Exchange Server Remote Code Execution Vulnerability.
FIRST-EPSS: 0.969490000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-6736
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-6736. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697.
FIRST-EPSS: 0.013030000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6736
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-6736. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697.
FIRST-EPSS: 0.013030000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-37415
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-37415. Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
FIRST-EPSS: 0.958200000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-37415
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-37415. Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
FIRST-EPSS: 0.958200000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-42013
DESCRIPTION: Exploit Observer has 168 entries related to CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
FIRST-EPSS: 0.973400000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-42013
DESCRIPTION: Exploit Observer has 168 entries related to CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
FIRST-EPSS: 0.973400000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1253
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2019-1253. An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
FIRST-EPSS: 0.000800000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1253
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2019-1253. An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
FIRST-EPSS: 0.000800000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-28204
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-28204. An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001500000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-28204
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-28204. An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
FIRST-EPSS: 0.001500000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-1675
DESCRIPTION: Exploit Observer has 257 entries related to CVE-2021-1675. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.962600000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-1675
DESCRIPTION: Exploit Observer has 257 entries related to CVE-2021-1675. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.962600000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-22515
DESCRIPTION: Exploit Observer has 244 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22515
DESCRIPTION: Exploit Observer has 244 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-0496
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2014-0496. Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
FIRST-EPSS: 0.033400000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2014-0496
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2014-0496. Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
FIRST-EPSS: 0.033400000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2012-5054
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-5054. Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
FIRST-EPSS: 0.373400000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2012-5054
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2012-5054. Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
FIRST-EPSS: 0.373400000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2022-40765
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-40765. A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
FIRST-EPSS: 0.002010000
NVD-IS: 5.9
NVD-ES: 0.9
CVE-2022-40765
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-40765. A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
FIRST-EPSS: 0.002010000
NVD-IS: 5.9
NVD-ES: 0.9
#ExploitObserverAlert
CVE-2018-10562
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2018-10562. An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
FIRST-EPSS: 0.974410000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-10562
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2018-10562. An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
FIRST-EPSS: 0.974410000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2007-3010
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2007-3010. masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
FIRST-EPSS: 0.972640000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2007-3010
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2007-3010. masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
FIRST-EPSS: 0.972640000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2021-1870
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-1870. A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.008210000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-1870
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-1870. A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
FIRST-EPSS: 0.008210000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-13379
DESCRIPTION: Exploit Observer has 119 entries related to CVE-2018-13379. An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
FIRST-EPSS: 0.972570000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-13379
DESCRIPTION: Exploit Observer has 119 entries related to CVE-2018-13379. An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
FIRST-EPSS: 0.972570000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22954
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
FIRST-EPSS: 0.973610000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-22954
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
FIRST-EPSS: 0.973610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-28664
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-28664. The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
FIRST-EPSS: 0.004200000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-28664
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-28664. The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
FIRST-EPSS: 0.004200000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-18325
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-18325. DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
FIRST-EPSS: 0.043250000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-18325
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-18325. DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
FIRST-EPSS: 0.043250000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-22017
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-22017. Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
FIRST-EPSS: 0.134920000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2021-22017
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-22017. Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
FIRST-EPSS: 0.134920000
NVD-IS: 1.4
NVD-ES: 3.9