#ExploitObserverAlert
CVE-2019-6340
DESCRIPTION: Exploit Observer has 67 entries related to CVE-2019-6340. Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
FIRST-EPSS: 0.974840000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2019-6340
DESCRIPTION: Exploit Observer has 67 entries related to CVE-2019-6340. Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
FIRST-EPSS: 0.974840000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2019-11634
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2019-11634. Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
FIRST-EPSS: 0.023530000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-11634
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2019-11634. Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
FIRST-EPSS: 0.023530000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-8759
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
FIRST-EPSS: 0.970420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-8759
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
FIRST-EPSS: 0.970420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-8543
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-8543. Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
FIRST-EPSS: 0.308990000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-8543
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-8543. Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
FIRST-EPSS: 0.308990000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-11043
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2019-11043. In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
FIRST-EPSS: 0.974690000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-11043
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2019-11043. In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
FIRST-EPSS: 0.974690000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-0210
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-0210. An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.004740000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2017-0210
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-0210. An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.004740000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-5198
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-5198. V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.
FIRST-EPSS: 0.039670000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2016-5198
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-5198. V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.
FIRST-EPSS: 0.039670000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-41992
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41992. The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
FIRST-EPSS: 0.000920000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-41992
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-41992. The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
FIRST-EPSS: 0.000920000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-0125
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-0125. A vulnerability in the web interface of the Cisco RV132W ADSL2 Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2 Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170.
FIRST-EPSS: 0.392680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-0125
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-0125. A vulnerability in the web interface of the Cisco RV132W ADSL2 Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2 Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170.
FIRST-EPSS: 0.392680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-1856
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2012-1856. The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
FIRST-EPSS: 0.937960000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2012-1856
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2012-1856. The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
FIRST-EPSS: 0.937960000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2013-1675
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-1675. Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
FIRST-EPSS: 0.004110000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-1675
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2013-1675. Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
FIRST-EPSS: 0.004110000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2013-7331
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-7331. The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.
FIRST-EPSS: 0.558250000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-7331
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2013-7331. The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.
FIRST-EPSS: 0.558250000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-37973
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-37973. Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.005550000
NVD-IS: 6.0
NVD-ES: 2.8
CVE-2021-37973
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-37973. Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
FIRST-EPSS: 0.005550000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-3896
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-3896. Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."
FIRST-EPSS: 0.161250000
NVD-IS: 2.9
NVD-ES: 8.6
CVE-2013-3896
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2013-3896. Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."
FIRST-EPSS: 0.161250000
NVD-IS: 2.9
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-33246
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-33246. For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .
FIRST-EPSS: 0.971220000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-33246
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-33246. For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .
FIRST-EPSS: 0.971220000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-4430
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-4430. IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535.
FIRST-EPSS: 0.958020000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2020-4430
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-4430. IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535.
FIRST-EPSS: 0.958020000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2010-0232
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2010-0232. The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the
CVE-2010-0232
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2010-0232. The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the
#ExploitObserverAlert
CVE-2017-6744
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-6744. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. There are workarounds that address these vulnerabilities.
FIRST-EPSS: 0.006270000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6744
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2017-6744. The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. There are workarounds that address these vulnerabilities.
FIRST-EPSS: 0.006270000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-0180
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2018-0180. Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.
FIRST-EPSS: 0.001610000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2018-0180
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2018-0180. Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.
FIRST-EPSS: 0.001610000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-0674
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2020-0674. A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
FIRST-EPSS: 0.974230000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2020-0674
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2020-0674. A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
FIRST-EPSS: 0.974230000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2013-2551
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2013-2551. Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
FIRST-EPSS: 0.972200000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-2551
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2013-2551. Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
FIRST-EPSS: 0.972200000
NVD-IS: 10.0
NVD-ES: 8.6