#ExploitObserverAlert
CVE-2020-9818
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-9818. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
FIRST-EPSS: 0.016550000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-9818
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-9818. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
FIRST-EPSS: 0.016550000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-35914
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-35914. /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
FIRST-EPSS: 0.968630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-35914
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-35914. /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
FIRST-EPSS: 0.968630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-0609
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2022-0609. Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.056810000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-0609
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2022-0609. Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
FIRST-EPSS: 0.056810000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-27102
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-27102. Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later.
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-27102
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-27102. Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later.
FIRST-EPSS: 0.000830000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-12271
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-12271. A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords)
FIRST-EPSS: 0.011730000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-12271
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2020-12271. A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords)
FIRST-EPSS: 0.011730000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-1761
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2014-1761. Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.
FIRST-EPSS: 0.740420000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2014-1761
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2014-1761. Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.
FIRST-EPSS: 0.740420000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-22205
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2021-22205. An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
FIRST-EPSS: 0.972900000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2021-22205
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2021-22205. An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
FIRST-EPSS: 0.972900000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-22900
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-22900. A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
FIRST-EPSS: 0.005140000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2021-22900
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-22900. A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
FIRST-EPSS: 0.005140000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-20198
DESCRIPTION: Exploit Observer has 170 entries related to CVE-2023-20198. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.
FIRST-EPSS: 0.890740000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2023-20198
DESCRIPTION: Exploit Observer has 170 entries related to CVE-2023-20198. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.
FIRST-EPSS: 0.890740000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1388
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2019-1388. An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.171910000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1388
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2019-1388. An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.171910000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-33625
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-33625. D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function.
FIRST-EPSS: 0.000850000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-33625
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-33625. D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function.
FIRST-EPSS: 0.000850000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-41835
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41835.
CVE-2023-41835
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41835.
#ExploitObserverAlert
CVE-2020-15893
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-15893. An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet.
FIRST-EPSS: 0.005650000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-15893
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-15893. An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet.
FIRST-EPSS: 0.005650000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-44790
DESCRIPTION: Exploit Observer has 39 entries related to CVE-2021-44790. A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
FIRST-EPSS: 0.060470000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-44790
DESCRIPTION: Exploit Observer has 39 entries related to CVE-2021-44790. A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
FIRST-EPSS: 0.060470000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-j6jv-pgmx-6fp3
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-J6JV-PGMX-6FP3.
GHSS: 9.8
GHSA-j6jv-pgmx-6fp3
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-J6JV-PGMX-6FP3.
GHSS: 9.8
#ExploitObserverAlert
CVE-2019-20215
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2019-20215. D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.
FIRST-EPSS: 0.945950000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-20215
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2019-20215. D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.
FIRST-EPSS: 0.945950000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-48025
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48025. Liblisp through commit 4c65969 was discovered to contain a out-of-bounds-read vulnerability in unsigned get_length(lisp_cell_t * x) at eval.c
FIRST-EPSS: 0.000840000
NVD-IS: 5.2
NVD-ES: 2.8
CVE-2023-48025
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48025. Liblisp through commit 4c65969 was discovered to contain a out-of-bounds-read vulnerability in unsigned get_length(lisp_cell_t * x) at eval.c
FIRST-EPSS: 0.000840000
NVD-IS: 5.2
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2014-3120
DESCRIPTION: Exploit Observer has 79 entries related to CVE-2014-3120. The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
FIRST-EPSS: 0.530130000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2014-3120
DESCRIPTION: Exploit Observer has 79 entries related to CVE-2014-3120. The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
FIRST-EPSS: 0.530130000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-49105
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49105. An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.
FIRST-EPSS: 0.000910000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-49105
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49105. An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.
FIRST-EPSS: 0.000910000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-3087
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2016-3087. Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
FIRST-EPSS: 0.439040000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-3087
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2016-3087. Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
FIRST-EPSS: 0.439040000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-1270
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2018-1270. Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.
FIRST-EPSS: 0.859620000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-1270
DESCRIPTION: Exploit Observer has 60 entries related to CVE-2018-1270. Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.
FIRST-EPSS: 0.859620000
NVD-IS: 5.9
NVD-ES: 3.9