#ExploitObserverAlert
CVE-2017-12149
DESCRIPTION: Exploit Observer has 97 entries related to CVE-2017-12149. In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.
FIRST-EPSS: 0.971900000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-12149
DESCRIPTION: Exploit Observer has 97 entries related to CVE-2017-12149. In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.
FIRST-EPSS: 0.971900000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-15982
DESCRIPTION: Exploit Observer has 43 entries related to CVE-2018-15982. Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
FIRST-EPSS: 0.974200000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-15982
DESCRIPTION: Exploit Observer has 43 entries related to CVE-2018-15982. Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
FIRST-EPSS: 0.974200000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-48024
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48024. Liblisp through commit 4c65969 was discovered to contain a use-after-free vulnerability in void hash_destroy(hash_table_t *h) at hash.c
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-48024
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48024. Liblisp through commit 4c65969 was discovered to contain a use-after-free vulnerability in void hash_destroy(hash_table_t *h) at hash.c
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-7600
DESCRIPTION: Exploit Observer has 253 entries related to CVE-2018-7600. Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
FIRST-EPSS: 0.975600000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-7600
DESCRIPTION: Exploit Observer has 253 entries related to CVE-2018-7600. Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
FIRST-EPSS: 0.975600000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-45587
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45587. Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2022-45587
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45587. Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-4971
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2017-4971. An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to 'false') can be vulnerable to malicious EL expressions in view states that process form submissions but do not have a sub-element to declare explicit data binding property mappings.
FIRST-EPSS: 0.259000000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2017-4971
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2017-4971. An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to 'false') can be vulnerable to malicious EL expressions in view states that process form submissions but do not have a sub-element to declare explicit data binding property mappings.
FIRST-EPSS: 0.259000000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2014-6271
DESCRIPTION: Exploit Observer has 751 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
FIRST-EPSS: 0.975680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2014-6271
DESCRIPTION: Exploit Observer has 751 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
FIRST-EPSS: 0.975680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2008-4318
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-4318. Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
FIRST-EPSS: 0.010260000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2008-4318
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-4318. Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
FIRST-EPSS: 0.010260000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-21822
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21822. Windows Graphics Component Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000490000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-21822
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21822. Windows Graphics Component Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000490000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-10271
DESCRIPTION: Exploit Observer has 226 entries related to CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.974380000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-10271
DESCRIPTION: Exploit Observer has 226 entries related to CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.974380000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-7525
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-7525. A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
FIRST-EPSS: 0.531310000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-7525
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-7525. A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
FIRST-EPSS: 0.531310000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-12617
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-12617
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2022-43295
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-43295. XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2022-43295
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-43295. XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-1427
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2015-1427. The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
FIRST-EPSS: 0.867400000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2015-1427
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2015-1427. The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
FIRST-EPSS: 0.867400000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2017-17562
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2017-17562. Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
FIRST-EPSS: 0.974550000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-17562
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2017-17562. Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
FIRST-EPSS: 0.974550000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2017-5645
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2017-5645. In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
FIRST-EPSS: 0.819480000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-5645
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2017-5645. In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
FIRST-EPSS: 0.819480000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-6816
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2016-6816. The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
FIRST-EPSS: 0.002620000
NVD-IS: 3.7
NVD-ES: 2.8
CVE-2016-6816
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2016-6816. The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
FIRST-EPSS: 0.002620000
NVD-IS: 3.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-46136
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46136. Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in version 3.0.1.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-46136
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46136. Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in version 3.0.1.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-7494
DESCRIPTION: Exploit Observer has 273 entries related to CVE-2017-7494. Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-7494
DESCRIPTION: Exploit Observer has 273 entries related to CVE-2017-7494. Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-wmh6-7xp9-5gh8
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-WMH6-7XP9-5GH8.
GHSS: 8.8
GHSA-wmh6-7xp9-5gh8
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-WMH6-7XP9-5GH8.
GHSS: 8.8