#ExploitObserverAlert
CVE-2018-1212
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-1212. The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system.
FIRST-EPSS: 0.001100000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2018-1212
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-1212. The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system.
FIRST-EPSS: 0.001100000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2019-1003000
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-1003000. A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.836470000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-1003000
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-1003000. A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.836470000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2015-1328
DESCRIPTION: Exploit Observer has 92 entries related to CVE-2015-1328. The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
FIRST-EPSS: 0.000620000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2015-1328
DESCRIPTION: Exploit Observer has 92 entries related to CVE-2015-1328. The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
FIRST-EPSS: 0.000620000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-27905
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27905. Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.
FIRST-EPSS: 0.000910000
NVD-IS: 6.0
NVD-ES: 2.8
CVE-2023-27905
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27905. Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.
FIRST-EPSS: 0.000910000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-5065
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2016-5065. Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
FIRST-EPSS: 0.012010000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-5065
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2016-5065. Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
FIRST-EPSS: 0.012010000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-6033
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2015-6033. Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates, which allows man-in-the-middle attackers to bypass intended access restrictions via a modified update.
FIRST-EPSS: 0.001110000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2015-6033
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2015-6033. Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates, which allows man-in-the-middle attackers to bypass intended access restrictions via a modified update.
FIRST-EPSS: 0.001110000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2016-1291
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2016-1291. Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.
FIRST-EPSS: 0.162760000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-1291
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2016-1291. Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.
FIRST-EPSS: 0.162760000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-8103
DESCRIPTION: Exploit Observer has 66 entries related to CVE-2015-8103. The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".
FIRST-EPSS: 0.393800000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2015-8103
DESCRIPTION: Exploit Observer has 66 entries related to CVE-2015-8103. The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".
FIRST-EPSS: 0.393800000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2016-4464
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2016-4464. The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.
FIRST-EPSS: 0.020320000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-4464
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2016-4464. The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.
FIRST-EPSS: 0.020320000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2007-2447
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2007-2447. The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
FIRST-EPSS: 0.612690000
NVD-IS: 6.4
NVD-ES: 6.8
CVE-2007-2447
DESCRIPTION: Exploit Observer has 118 entries related to CVE-2007-2447. The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
FIRST-EPSS: 0.612690000
NVD-IS: 6.4
NVD-ES: 6.8
#ExploitObserverAlert
CVE-2022-2554
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-2554. The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example
FIRST-EPSS: 0.000580000
NVD-IS: 3.6
NVD-ES: 1.2
CVE-2022-2554
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-2554. The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example
FIRST-EPSS: 0.000580000
NVD-IS: 3.6
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2015-6032
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2015-6032. Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation.
FIRST-EPSS: 0.004480000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2015-6032
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2015-6032. Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation.
FIRST-EPSS: 0.004480000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2015-7501
DESCRIPTION: Exploit Observer has 98 entries related to CVE-2015-7501. Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
FIRST-EPSS: 0.010230000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2015-7501
DESCRIPTION: Exploit Observer has 98 entries related to CVE-2015-7501. Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
FIRST-EPSS: 0.010230000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-2260
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-2260. The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the database many times which leads to overwhelm the target's CPU.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-2260
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-2260. The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the database many times which leads to overwhelm the target's CPU.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2015-5622
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2015-5622. Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php.
FIRST-EPSS: 0.004230000
NVD-IS: 2.9
NVD-ES: 6.8
CVE-2015-5622
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2015-5622. Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php.
FIRST-EPSS: 0.004230000
NVD-IS: 2.9
NVD-ES: 6.8
#ExploitObserverAlert
CVE-2023-4911
DESCRIPTION: Exploit Observer has 237 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-4911
DESCRIPTION: Exploit Observer has 237 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-14847
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2018-14847. MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
FIRST-EPSS: 0.974830000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2018-14847
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2018-14847. MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
FIRST-EPSS: 0.974830000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1003029
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2019-1003029. A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.011400000
NVD-IS: 6.0
NVD-ES: 3.1
CVE-2019-1003029
DESCRIPTION: Exploit Observer has 20 entries related to CVE-2019-1003029. A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
FIRST-EPSS: 0.011400000
NVD-IS: 6.0
NVD-ES: 3.1
#ExploitObserverAlert
CVE-2023-38646
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-38646
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-1000861
DESCRIPTION: Exploit Observer has 66 entries related to CVE-2018-1000861. A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
FIRST-EPSS: 0.971120000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-1000861
DESCRIPTION: Exploit Observer has 66 entries related to CVE-2018-1000861. A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
FIRST-EPSS: 0.971120000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-5069
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2016-5069. Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
FIRST-EPSS: 0.006590000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-5069
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2016-5069. Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
FIRST-EPSS: 0.006590000
NVD-IS: 5.9
NVD-ES: 3.9