#ExploitObserverAlert
CVE-2018-13379
DESCRIPTION: Exploit Observer has 119 entries related to CVE-2018-13379. An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
FIRST-EPSS: 0.972570000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-13379
DESCRIPTION: Exploit Observer has 119 entries related to CVE-2018-13379. An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
FIRST-EPSS: 0.972570000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22954
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
FIRST-EPSS: 0.973610000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-22954
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
FIRST-EPSS: 0.973610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-28664
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-28664. The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
FIRST-EPSS: 0.004200000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-28664
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-28664. The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
FIRST-EPSS: 0.004200000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-4357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-4357. Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
FIRST-EPSS: 0.001280000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-18325
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-18325. DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
FIRST-EPSS: 0.043250000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-18325
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-18325. DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
FIRST-EPSS: 0.043250000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-22017
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-22017. Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
FIRST-EPSS: 0.134920000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2021-22017
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-22017. Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
FIRST-EPSS: 0.134920000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2010-0188
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2010-0188. Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
FIRST-EPSS: 0.974690000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2010-0188
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2010-0188. Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
FIRST-EPSS: 0.974690000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2015-1770
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2015-1770. Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
FIRST-EPSS: 0.343820000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2015-1770
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2015-1770. Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
FIRST-EPSS: 0.343820000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2014-0780
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-0780. Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests.
FIRST-EPSS: 0.961970000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2014-0780
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-0780. Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests.
FIRST-EPSS: 0.961970000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2021-25298
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2021-25298. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
FIRST-EPSS: 0.973650000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-25298
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2021-25298. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
FIRST-EPSS: 0.973650000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-14871
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2020-14871. Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
FIRST-EPSS: 0.135330000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2020-14871
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2020-14871. Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
FIRST-EPSS: 0.135330000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-2509
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-2509. A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-2509
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-2509. A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-24112
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-24112. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
FIRST-EPSS: 0.971990000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-24112
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-24112. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
FIRST-EPSS: 0.971990000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-0130
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2014-0130. Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
FIRST-EPSS: 0.003280000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2014-0130
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2014-0130. Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
FIRST-EPSS: 0.003280000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2014-1776
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2014-1776. Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
FIRST-EPSS: 0.972430000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2014-1776
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2014-1776. Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
FIRST-EPSS: 0.972430000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2013-1347
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-1347. Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
FIRST-EPSS: 0.973540000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-1347
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-1347. Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
FIRST-EPSS: 0.973540000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2002-1120
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2002-1120. Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
FIRST-EPSS: 0.204310000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2002-1120
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2002-1120. Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
FIRST-EPSS: 0.204310000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2008-3431
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-3431. The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
FIRST-EPSS: 0.000430000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2008-3431
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-3431. The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
FIRST-EPSS: 0.000430000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8467
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-8467. A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
FIRST-EPSS: 0.019710000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-8467
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-8467. A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
FIRST-EPSS: 0.019710000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2009-0557
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2009-0557. Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record Corruption Vulnerability."
FIRST-EPSS: 0.970310000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2009-0557
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2009-0557. Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record Corruption Vulnerability."
FIRST-EPSS: 0.970310000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2016-0984
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2016-0984. Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK
CVE-2016-0984
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2016-0984. Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK