#ExploitObserverAlert
CVE-2017-12234
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12234. Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-12234
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-12234. Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2010-1871
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2010-1871. JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
FIRST-EPSS: 0.967740000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2010-1871
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2010-1871. JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
FIRST-EPSS: 0.967740000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-23376
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-23376. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-23376
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-23376. Windows Common Log File System Driver Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2016-3715
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2016-3715. The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
FIRST-EPSS: 0.971270000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2016-3715
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2016-3715. The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
FIRST-EPSS: 0.971270000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-11357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-11357. Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
FIRST-EPSS: 0.653970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-11357
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-11357. Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
FIRST-EPSS: 0.653970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-25370
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-25370. An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.
FIRST-EPSS: 0.002000000
NVD-IS: 3.6
NVD-ES: 0.8
CVE-2021-25370
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-25370. An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.
FIRST-EPSS: 0.002000000
NVD-IS: 3.6
NVD-ES: 0.8
#ExploitObserverAlert
CVE-2021-3129
DESCRIPTION: Exploit Observer has 104 entries related to CVE-2021-3129. Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
FIRST-EPSS: 0.974880000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-3129
DESCRIPTION: Exploit Observer has 104 entries related to CVE-2021-3129. Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
FIRST-EPSS: 0.974880000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-34523
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2021-34523. Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.
FIRST-EPSS: 0.972790000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-34523
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2021-34523. Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.
FIRST-EPSS: 0.972790000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-14847
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2018-14847. MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
FIRST-EPSS: 0.974830000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2018-14847
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2018-14847. MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
FIRST-EPSS: 0.974830000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2009-2055
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2009-2055. Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
FIRST-EPSS: 0.009550000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2009-2055
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2009-2055. Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
FIRST-EPSS: 0.009550000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2019-0859
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2019-0859. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-0859
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2019-0859. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-1498
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-1498. Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
FIRST-EPSS: 0.975140000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-1498
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-1498. Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
FIRST-EPSS: 0.975140000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-36537
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2022-36537. ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader.
FIRST-EPSS: 0.928620000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-36537
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2022-36537. ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader.
FIRST-EPSS: 0.928620000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-23119
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-23119. A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.
FIRST-EPSS: 0.001930000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-23119
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-23119. A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.
FIRST-EPSS: 0.001930000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-8373
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2018-8373. A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
FIRST-EPSS: 0.967480000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2018-8373
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2018-8373. A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
FIRST-EPSS: 0.967480000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-5722
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-5722. The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17.
FIRST-EPSS: 0.974970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-5722
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-5722. The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17.
FIRST-EPSS: 0.974970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-41073
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-41073. Windows Print Spooler Elevation of Privilege Vulnerability
FIRST-EPSS: 0.003100000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-41073
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-41073. Windows Print Spooler Elevation of Privilege Vulnerability
FIRST-EPSS: 0.003100000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2012-0767
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2012-0767. Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
FIRST-EPSS: 0.002780000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2012-0767
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2012-0767. Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
FIRST-EPSS: 0.002780000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-26857
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2021-26857. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.663690000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-26857
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2021-26857. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.663690000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-13671
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-13671. Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.
FIRST-EPSS: 0.012430000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-13671
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-13671. Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.
FIRST-EPSS: 0.012430000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2011-1823
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2011-1823. The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak.
FIRST-EPSS: 0.000730000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2011-1823
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2011-1823. The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak.
FIRST-EPSS: 0.000730000
NVD-IS: 10.0
NVD-ES: 3.9