#ExploitObserverAlert
CVE-2021-0920
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2021-0920. In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 0.5
CVE-2021-0920
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2021-0920. In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 0.5
#ExploitObserverAlert
CVE-2021-27562
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-27562. In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.
FIRST-EPSS: 0.958430000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2021-27562
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-27562. In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.
FIRST-EPSS: 0.958430000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-12240
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-12240. The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
FIRST-EPSS: 0.051780000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-12240
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-12240. The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
FIRST-EPSS: 0.051780000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8193
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2020-8193. Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
FIRST-EPSS: 0.939810000
NVD-IS: 2.5
NVD-ES: 3.9
CVE-2020-8193
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2020-8193. Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
FIRST-EPSS: 0.939810000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-7450
DESCRIPTION: Exploit Observer has 55 entries related to CVE-2015-7450. Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
FIRST-EPSS: 0.973900000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2015-7450
DESCRIPTION: Exploit Observer has 55 entries related to CVE-2015-7450. Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
FIRST-EPSS: 0.973900000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-21971
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-21971. Windows Runtime Remote Code Execution Vulnerability
FIRST-EPSS: 0.499470000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-21971
DESCRIPTION: Exploit Observer has 16 entries related to CVE-2022-21971. Windows Runtime Remote Code Execution Vulnerability
FIRST-EPSS: 0.499470000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-36563
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-36563. Microsoft WordPad Information Disclosure Vulnerability
FIRST-EPSS: 0.003320000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-36563
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-36563. Microsoft WordPad Information Disclosure Vulnerability
FIRST-EPSS: 0.003320000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-44515
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-44515. Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
FIRST-EPSS: 0.972970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-44515
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-44515. Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
FIRST-EPSS: 0.972970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-0159
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-0159. A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuj73916.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-0159
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-0159. A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuj73916.
FIRST-EPSS: 0.003030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-0802
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2018-0802. Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
FIRST-EPSS: 0.972110000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-0802
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2018-0802. Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
FIRST-EPSS: 0.972110000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-0808
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2019-0808. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
FIRST-EPSS: 0.000510000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-0808
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2019-0808. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
FIRST-EPSS: 0.000510000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-5030
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-5030. Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
FIRST-EPSS: 0.489510000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-5030
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-5030. Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
FIRST-EPSS: 0.489510000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0101
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-0101. The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.001480000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-0101
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-0101. The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.001480000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-15982
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2018-15982. Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
FIRST-EPSS: 0.974200000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-15982
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2018-15982. Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
FIRST-EPSS: 0.974200000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-0507
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2012-0507. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
FIRST-EPSS: 0.973360000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2012-0507
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2012-0507. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
FIRST-EPSS: 0.973360000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2018-8405
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2018-8405. An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8406.
FIRST-EPSS: 0.000710000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-8405
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2018-8405. An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8406.
FIRST-EPSS: 0.000710000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2008-0655
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2008-0655. Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.
FIRST-EPSS: 0.953040000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2008-0655
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2008-0655. Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.
FIRST-EPSS: 0.953040000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2019-13272
DESCRIPTION: Exploit Observer has 116 entries related to CVE-2019-13272. In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-13272
DESCRIPTION: Exploit Observer has 116 entries related to CVE-2019-13272. In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-17480
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-17480. Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
FIRST-EPSS: 0.069130000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2018-17480
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-17480. Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
FIRST-EPSS: 0.069130000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-1472
DESCRIPTION: Exploit Observer has 414 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.974580000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2020-1472
DESCRIPTION: Exploit Observer has 414 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.974580000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-0213
DESCRIPTION: Exploit Observer has 111 entries related to CVE-2017-0213. Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
FIRST-EPSS: 0.009540000
NVD-IS: 3.6
NVD-ES: 1.0
CVE-2017-0213
DESCRIPTION: Exploit Observer has 111 entries related to CVE-2017-0213. Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
FIRST-EPSS: 0.009540000
NVD-IS: 3.6
NVD-ES: 1.0