#ExploitObserverAlert
CVE-2022-21661
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2022-21661. WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
FIRST-EPSS: 0.937320000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-21661
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2022-21661. WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
FIRST-EPSS: 0.937320000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-20052
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-20052. On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
FIRST-EPSS: 0.000620000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-20052
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-20052. On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
FIRST-EPSS: 0.000620000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-3236
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
FIRST-EPSS: 0.106520000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-6574
DESCRIPTION: Exploit Observer has 123 entries related to CVE-2018-6574. Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
FIRST-EPSS: 0.007250000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-6574
DESCRIPTION: Exploit Observer has 123 entries related to CVE-2018-6574. Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
FIRST-EPSS: 0.007250000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-0760
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2020-0760. A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
FIRST-EPSS: 0.037990000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-0760
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2020-0760. A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
FIRST-EPSS: 0.037990000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-46604
DESCRIPTION: Exploit Observer has 102 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.968050000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46604
DESCRIPTION: Exploit Observer has 102 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.968050000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-0669
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2023-0669. Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
FIRST-EPSS: 0.966690000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2023-0669
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2023-0669. Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
FIRST-EPSS: 0.966690000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-26035
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.
FIRST-EPSS: 0.104040000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-26035
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.
FIRST-EPSS: 0.104040000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-39910
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-39910. An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab was vulnerable to HTML Injection through the Swagger UI feature.
FIRST-EPSS: 0.000890000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2021-39910
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-39910. An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab was vulnerable to HTML Injection through the Swagger UI feature.
FIRST-EPSS: 0.000890000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-9380
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-9380. IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script.
FIRST-EPSS: 0.004190000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-9380
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-9380. IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script.
FIRST-EPSS: 0.004190000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-38297
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2021-38297. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
FIRST-EPSS: 0.004300000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-38297
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2021-38297. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
FIRST-EPSS: 0.004300000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8694
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-8694. Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2020-8694
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-8694. Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-8339
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2019-8339. An issue was discovered in Falco through 0.14.0. A missing indicator for insufficient resources allows local users to bypass the detection engine.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2019-8339
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2019-8339. An issue was discovered in Falco through 0.14.0. A missing indicator for insufficient resources allows local users to bypass the detection engine.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-42321
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2021-42321. Microsoft Exchange Server Remote Code Execution Vulnerability
FIRST-EPSS: 0.913120000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-42321
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2021-42321. Microsoft Exchange Server Remote Code Execution Vulnerability
FIRST-EPSS: 0.913120000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-1934
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2020-1934. In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
FIRST-EPSS: 0.001320000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2020-1934
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2020-1934. In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
FIRST-EPSS: 0.001320000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-2555
DESCRIPTION: Exploit Observer has 113 entries related to CVE-2020-2555. Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.965730000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-2555
DESCRIPTION: Exploit Observer has 113 entries related to CVE-2020-2555. Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.965730000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-25262
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-25262. PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted.
FIRST-EPSS: 0.000990000
NVD-IS: 1.4
NVD-ES: 2.8
CVE-2020-25262
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-25262. PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted.
FIRST-EPSS: 0.000990000
NVD-IS: 1.4
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-13080
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2017-13080. Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
FIRST-EPSS: 0.003010000
NVD-IS: 3.6
NVD-ES: 1.6
CVE-2017-13080
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2017-13080. Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
FIRST-EPSS: 0.003010000
NVD-IS: 3.6
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2023-41266
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41266. A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
FIRST-EPSS: 0.526000000
NVD-IS: 2.5
NVD-ES: 3.9
CVE-2023-41266
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41266. A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
FIRST-EPSS: 0.526000000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-36074
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2020-36074. SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-36074
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2020-36074. SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0144
DESCRIPTION: Exploit Observer has 125 entries related to CVE-2017-0144. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.974460000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0144
DESCRIPTION: Exploit Observer has 125 entries related to CVE-2017-0144. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.974460000
NVD-IS: 5.9
NVD-ES: 2.2