ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
#ExploitObserverAlert

CVE-2017-1261

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2017-1261. IBM Security Guardium 10.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 124736.

FIRST-EPSS: 0.000420000
NVD-IS: 1.4
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2020-0646

DESCRIPTION: Exploit Observer has 22 entries related to CVE-2020-0646. A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.

FIRST-EPSS: 0.975210000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-8608

DESCRIPTION: Exploit Observer has 12 entries related to CVE-2020-8608. In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

FIRST-EPSS: 0.004550000
NVD-IS: 3.4
NVD-ES: 2.2
#ExploitObserverAlert

CVE-2023-42793

DESCRIPTION: Exploit Observer has 19 entries related to CVE-2023-42793. In JetBrains TeamCity before 2023.05.4, an authentication bypass leading to RCE on TeamCity Server was possible.

FIRST-EPSS: 0.972640000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2014-6271

DESCRIPTION: Exploit Observer has 751 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

FIRST-EPSS: 0.975640000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-13945

DESCRIPTION: Exploit Observer has 19 entries related to CVE-2020-13945. In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.

FIRST-EPSS: 0.005580000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2020-8793

DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-8793. OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.

FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 1.0
#ExploitObserverAlert

CVE-2022-40674

DESCRIPTION: Exploit Observer has 28 entries related to CVE-2022-40674. libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

FIRST-EPSS: 0.004320000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert

CVE-2014-3120

DESCRIPTION: Exploit Observer has 80 entries related to CVE-2014-3120. The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.

FIRST-EPSS: 0.530130000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert

CVE-2022-42889

DESCRIPTION: Exploit Observer has 161 entries related to CVE-2022-42889. Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are:
- "script" - execute expressions using the JVM script execution engine (javax.script)
- "dns" - resolve dns records
- "url" - load values from urls, including from remote servers

Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.

FIRST-EPSS: 0.612250000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-35852

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-35852. Chatbox is affected by cross-site scripting (XSS). An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS.

FIRST-EPSS: 0.001130000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2023-3390

DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-3390. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.

FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2017-8514

DESCRIPTION: Exploit Observer has 30 entries related to CVE-2017-8514. An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".

FIRST-EPSS: 0.002550000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert

CVE-2020-36318

DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-36318. In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain conditions. This bug could result in a use-after-free or double free.

FIRST-EPSS: 0.002360000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2022-30962

DESCRIPTION: Exploit Observer has 1 entry related to CVE-2022-30962. Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

FIRST-EPSS: 0.000770000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert

CVE-2020-8840

DESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-8840. FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.

FIRST-EPSS: 0.022860000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-3992

DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-3992. OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.

FIRST-EPSS: 0.228610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2023-38831

DESCRIPTION: Exploit Observer has 108 entries related to CVE-2023-38831. RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.

FIRST-EPSS: 0.234040000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2011-1002

DESCRIPTION: Exploit Observer has 38 entries related to CVE-2011-1002. avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.

FIRST-EPSS: 0.612910000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert

CVE-2020-7069

DESCRIPTION: Exploit Observer has 14 entries related to CVE-2020-7069. In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with the openssl_encrypt() function with a 12-byte IV, only the first 7 bytes of the IV are actually used. This can lead to both decreased security and incorrect encryption data.

FIRST-EPSS: 0.002440000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-36072

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-36072. SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.

FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.8