#ExploitObserverAlert
CVE-2014-0780
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-0780. Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests.
FIRST-EPSS: 0.961970000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2014-0780
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-0780. Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests.
FIRST-EPSS: 0.961970000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2021-25298
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2021-25298. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
FIRST-EPSS: 0.973650000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-25298
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2021-25298. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
FIRST-EPSS: 0.973650000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-14871
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2020-14871. Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
FIRST-EPSS: 0.135330000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2020-14871
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2020-14871. Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
FIRST-EPSS: 0.135330000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-2509
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-2509. A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-2509
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-2509. A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-24112
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-24112. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
FIRST-EPSS: 0.971990000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-24112
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-24112. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
FIRST-EPSS: 0.971990000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-0130
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2014-0130. Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
FIRST-EPSS: 0.003280000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2014-0130
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2014-0130. Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
FIRST-EPSS: 0.003280000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2014-1776
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2014-1776. Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
FIRST-EPSS: 0.972430000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2014-1776
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2014-1776. Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
FIRST-EPSS: 0.972430000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2013-1347
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-1347. Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
FIRST-EPSS: 0.973540000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-1347
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-1347. Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
FIRST-EPSS: 0.973540000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2002-1120
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2002-1120. Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
FIRST-EPSS: 0.204310000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2002-1120
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2002-1120. Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
FIRST-EPSS: 0.204310000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2008-3431
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-3431. The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
FIRST-EPSS: 0.000430000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2008-3431
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-3431. The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
FIRST-EPSS: 0.000430000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8467
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-8467. A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
FIRST-EPSS: 0.019710000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-8467
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-8467. A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
FIRST-EPSS: 0.019710000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2009-0557
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2009-0557. Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record Corruption Vulnerability."
FIRST-EPSS: 0.970310000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2009-0557
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2009-0557. Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record Corruption Vulnerability."
FIRST-EPSS: 0.970310000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2016-0984
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2016-0984. Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK
CVE-2016-0984
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2016-0984. Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK
#ExploitObserverAlert
CVE-2011-2462
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2011-2462. Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
FIRST-EPSS: 0.971880000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2011-2462
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2011-2462. Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
FIRST-EPSS: 0.971880000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2015-2424
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2015-2424. Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
FIRST-EPSS: 0.610670000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2015-2424
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2015-2424. Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
FIRST-EPSS: 0.610670000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2014-0546
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-0546. Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
FIRST-EPSS: 0.012630000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2014-0546
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-0546. Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
FIRST-EPSS: 0.012630000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2017-12234
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12234. Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-12234
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12234. Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2010-1871
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2010-1871. JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
FIRST-EPSS: 0.967740000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2010-1871
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2010-1871. JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
FIRST-EPSS: 0.967740000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-23376
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-23376. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-23376
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-23376. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2016-3715
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2016-3715. The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
FIRST-EPSS: 0.971270000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2016-3715
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2016-3715. The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
FIRST-EPSS: 0.971270000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-11357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-11357. Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
FIRST-EPSS: 0.653970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-11357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-11357. Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
FIRST-EPSS: 0.653970000
NVD-IS: 5.9
NVD-ES: 3.9