#ExploitObserverAlert
CVE-2022-41073
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-41073. Windows Print Spooler Elevation of Privilege Vulnerability
FIRST-EPSS: 0.003100000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-41073
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-41073. Windows Print Spooler Elevation of Privilege Vulnerability
FIRST-EPSS: 0.003100000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2012-0767
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2012-0767. Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
FIRST-EPSS: 0.002780000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2012-0767
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2012-0767. Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
FIRST-EPSS: 0.002780000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-26857
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2021-26857. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.663690000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-26857
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2021-26857. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.663690000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-13671
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-13671. Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.
FIRST-EPSS: 0.012430000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-13671
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-13671. Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.
FIRST-EPSS: 0.012430000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2011-1823
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2011-1823. The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak.
FIRST-EPSS: 0.000730000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2011-1823
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2011-1823. The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak.
FIRST-EPSS: 0.000730000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-1388
DESCRIPTION: Exploit Observer has 212 entries related to CVE-2022-1388. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
FIRST-EPSS: 0.973550000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-1388
DESCRIPTION: Exploit Observer has 212 entries related to CVE-2022-1388. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
FIRST-EPSS: 0.973550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22960
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22960. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
FIRST-EPSS: 0.000780000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-22960
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22960. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
FIRST-EPSS: 0.000780000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-6340
DESCRIPTION: Exploit Observer has 67 entries related to CVE-2019-6340. Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
FIRST-EPSS: 0.974840000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2019-6340
DESCRIPTION: Exploit Observer has 67 entries related to CVE-2019-6340. Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
FIRST-EPSS: 0.974840000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2019-11634
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2019-11634. Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
FIRST-EPSS: 0.023530000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-11634
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2019-11634. Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
FIRST-EPSS: 0.023530000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-8759
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
FIRST-EPSS: 0.970420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-8759
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
FIRST-EPSS: 0.970420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-8543
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-8543. Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
FIRST-EPSS: 0.308990000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-8543
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-8543. Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
FIRST-EPSS: 0.308990000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-11043
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2019-11043. In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
FIRST-EPSS: 0.974690000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-11043
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2019-11043. In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
FIRST-EPSS: 0.974690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-0210
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-0210. An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.004740000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2017-0210
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-0210. An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.004740000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-5198
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-5198. V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.
FIRST-EPSS: 0.039670000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2016-5198
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-5198. V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.
FIRST-EPSS: 0.039670000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-41992
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41992. The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
FIRST-EPSS: 0.000920000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-41992
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41992. The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
FIRST-EPSS: 0.000920000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-0125
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-0125. A vulnerability in the web interface of the Cisco RV132W ADSL2 Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2 Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170.
FIRST-EPSS: 0.392680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-0125
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-0125. A vulnerability in the web interface of the Cisco RV132W ADSL2 Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2 Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170.
FIRST-EPSS: 0.392680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-1856
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2012-1856. The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
FIRST-EPSS: 0.937960000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2012-1856
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2012-1856. The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
FIRST-EPSS: 0.937960000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2013-1675
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-1675. Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
FIRST-EPSS: 0.004110000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-1675
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-1675. Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
FIRST-EPSS: 0.004110000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2013-7331
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-7331. The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.
FIRST-EPSS: 0.558250000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-7331
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-7331. The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.
FIRST-EPSS: 0.558250000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-37973
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-37973. Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.005550000
NVD-IS: 6.0
NVD-ES: 2.8
CVE-2021-37973
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-37973. Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.005550000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-3896
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-3896. Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."
FIRST-EPSS: 0.161250000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-3896
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-3896. Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."
FIRST-EPSS: 0.161250000
NVD-IS: 2.9
NVD-ES: 8.6