#ExploitObserverAlert
CVE-2023-2861
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-2861.
FIRST-EPSS: 0.000430000
CVE-2023-2861
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-2861.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2023-48123
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48123.
CVE-2023-48123
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48123.
#ExploitObserverAlert
CVE-1999-0517
DESCRIPTION: Exploit Observer has 1 entries related to CVE-1999-0517. An SNMP community name is the default (e.g. public), null, or missing.
FIRST-EPSS: 0.454480000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-1999-0517
DESCRIPTION: Exploit Observer has 1 entries related to CVE-1999-0517. An SNMP community name is the default (e.g. public), null, or missing.
FIRST-EPSS: 0.454480000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-1999-0508
DESCRIPTION: Exploit Observer has 2 entries related to CVE-1999-0508. An account on a router, firewall, or other network device has a default, null, blank, or missing password.
FIRST-EPSS: 0.007170000
NVD-IS: 6.4
NVD-ES: 3.9
CVE-1999-0508
DESCRIPTION: Exploit Observer has 2 entries related to CVE-1999-0508. An account on a router, firewall, or other network device has a default, null, blank, or missing password.
FIRST-EPSS: 0.007170000
NVD-IS: 6.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-39539
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-39539.
CVE-2023-39539
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-39539.
#ExploitObserverAlert
CVE-2017-8529
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-8529. Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability".
FIRST-EPSS: 0.002190000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2017-8529
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-8529. Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability".
FIRST-EPSS: 0.002190000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-1999-0516
DESCRIPTION: Exploit Observer has 1 entries related to CVE-1999-0516. An SNMP community name is guessable.
FIRST-EPSS: 0.015000000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-1999-0516
DESCRIPTION: Exploit Observer has 1 entries related to CVE-1999-0516. An SNMP community name is guessable.
FIRST-EPSS: 0.015000000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-0492
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2022-0492. A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
FIRST-EPSS: 0.000450000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-0492
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2022-0492. A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
FIRST-EPSS: 0.000450000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-26136
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-26136. Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
FIRST-EPSS: 0.001730000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-26136
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-26136. Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
FIRST-EPSS: 0.001730000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-phhr-cqm7-gjv6
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-PHHR-CQM7-GJV6.
GHSS: 8.8
GHSA-phhr-cqm7-gjv6
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-PHHR-CQM7-GJV6.
GHSS: 8.8
#ExploitObserverAlert
CVE-2022-1026
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-1026. Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
FIRST-EPSS: 0.010110000
NVD-IS: 4.0
NVD-ES: 3.9
CVE-2022-1026
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-1026. Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
FIRST-EPSS: 0.010110000
NVD-IS: 4.0
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-w4pv-p6xf-qc53
DESCRIPTION: Exploit Observer has 119 entries related to GHSA-W4PV-P6XF-QC53.
GHSS: 9.8
GHSA-w4pv-p6xf-qc53
DESCRIPTION: Exploit Observer has 119 entries related to GHSA-W4PV-P6XF-QC53.
GHSS: 9.8
#ExploitObserverAlert
CVE-2017-1000028
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-1000028. Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
FIRST-EPSS: 0.975160000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2017-1000028
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-1000028. Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
FIRST-EPSS: 0.975160000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-28432
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2023-28432. Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
FIRST-EPSS: 0.156100000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-28432
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2023-28432. Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
FIRST-EPSS: 0.156100000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-28017
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28017.
CVE-2023-28017
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28017.
#ExploitObserverAlert
CVE-2023-24078
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-24078. Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
FIRST-EPSS: 0.003400000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-24078
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-24078. Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
FIRST-EPSS: 0.003400000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
GHSA-rqpg-32gg-fvxh
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RQPG-32GG-FVXH.
GHSS: 7.3
GHSA-rqpg-32gg-fvxh
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-RQPG-32GG-FVXH.
GHSS: 7.3
#ExploitObserverAlert
CVE-2022-45362
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45362.
CVE-2022-45362
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45362.
#ExploitObserverAlert
CVE-2010-0738
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2010-0738. The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
FIRST-EPSS: 0.974330000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2010-0738
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2010-0738. The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
FIRST-EPSS: 0.974330000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-26133
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-26133. SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
FIRST-EPSS: 0.009980000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-26133
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-26133. SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
FIRST-EPSS: 0.009980000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-41678
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler
CVE-2022-41678
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-41678. Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler