#ExploitObserverAlert
CVE-2023-21822
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21822. Windows Graphics Component Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000490000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-21822
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21822. Windows Graphics Component Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000490000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-10271
DESCRIPTION: Exploit Observer has 226 entries related to CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.974380000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-10271
DESCRIPTION: Exploit Observer has 226 entries related to CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.974380000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-7525
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-7525. A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
FIRST-EPSS: 0.531310000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-7525
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-7525. A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
FIRST-EPSS: 0.531310000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-12617
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-12617
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
FIRST-EPSS: 0.974700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2022-43295
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-43295. XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2022-43295
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-43295. XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-1427
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2015-1427. The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
FIRST-EPSS: 0.867400000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2015-1427
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2015-1427. The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
FIRST-EPSS: 0.867400000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2017-17562
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2017-17562. Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
FIRST-EPSS: 0.974550000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-17562
DESCRIPTION: Exploit Observer has 35 entries related to CVE-2017-17562. Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
FIRST-EPSS: 0.974550000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2017-5645
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2017-5645. In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
FIRST-EPSS: 0.819480000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-5645
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2017-5645. In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
FIRST-EPSS: 0.819480000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-6816
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2016-6816. The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
FIRST-EPSS: 0.002620000
NVD-IS: 3.7
NVD-ES: 2.8
CVE-2016-6816
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2016-6816. The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
FIRST-EPSS: 0.002620000
NVD-IS: 3.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-46136
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46136. Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in version 3.0.1.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-46136
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46136. Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in version 3.0.1.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-7494
DESCRIPTION: Exploit Observer has 273 entries related to CVE-2017-7494. Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-7494
DESCRIPTION: Exploit Observer has 273 entries related to CVE-2017-7494. Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-wmh6-7xp9-5gh8
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-WMH6-7XP9-5GH8.
GHSS: 8.8
GHSA-wmh6-7xp9-5gh8
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-WMH6-7XP9-5GH8.
GHSS: 8.8
#ExploitObserverAlert
CVE-2018-11776
DESCRIPTION: Exploit Observer has 175 entries related to CVE-2018-11776. Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
FIRST-EPSS: 0.975500000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2018-11776
DESCRIPTION: Exploit Observer has 175 entries related to CVE-2018-11776. Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
FIRST-EPSS: 0.975500000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2013-1965
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2013-1965. Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
FIRST-EPSS: 0.008130000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2013-1965
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2013-1965. Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
FIRST-EPSS: 0.008130000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2013-2186
DESCRIPTION: Exploit Observer has 43 entries related to CVE-2013-2186. The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
FIRST-EPSS: 0.026810000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2013-2186
DESCRIPTION: Exploit Observer has 43 entries related to CVE-2013-2186. The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
FIRST-EPSS: 0.026810000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2017-9805
DESCRIPTION: Exploit Observer has 148 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-9805
DESCRIPTION: Exploit Observer has 148 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2022-45586
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45586. Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2022-45586
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45586. Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
GHSA-9xrg-mh99-h5f7
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-9XRG-MH99-H5F7.
GHSS: 9.8
GHSA-9xrg-mh99-h5f7
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-9XRG-MH99-H5F7.
GHSS: 9.8
#ExploitObserverAlert
CVE-2013-0431
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2013-0431. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.
FIRST-EPSS: 0.974880000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2013-0431
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2013-0431. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.
FIRST-EPSS: 0.974880000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2014-4210
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2014-4210. Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.
FIRST-EPSS: 0.969550000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2014-4210
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2014-4210. Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.
FIRST-EPSS: 0.969550000
NVD-IS: 2.9
NVD-ES: 10.0