#ExploitObserverAlert
CVE-2023-3390
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-3390. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-8514
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2017-8514. An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".
FIRST-EPSS: 0.002550000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2020-36318
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-36318. In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain conditions. This bug could result in a use-after-free or double free.
FIRST-EPSS: 0.002360000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-30962
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2022-30962. Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
FIRST-EPSS: 0.000770000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2020-8840
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-8840. FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
FIRST-EPSS: 0.022860000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-3992
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-3992. OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
FIRST-EPSS: 0.228610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-38831
DESCRIPTION: Exploit Observer has 108 entries related to CVE-2023-38831. RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
FIRST-EPSS: 0.234040000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2011-1002
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2011-1002. avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
FIRST-EPSS: 0.612910000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-7069
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2020-7069. In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with the openssl_encrypt() function with a 12-byte IV, only the first 7 bytes of the IV are actually used. This can lead to both decreased security and incorrect encryption data.
FIRST-EPSS: 0.002440000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-36072
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-36072. SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-35854
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-35854. Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
FIRST-EPSS: 0.000670000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2020-9496
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2020-9496. XML-RPC requests are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03.
FIRST-EPSS: 0.973380000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0145
DESCRIPTION: Exploit Observer has 75 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-5725
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-5725. The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords.
FIRST-EPSS: 0.002550000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2017-8628
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-8628. Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".
FIRST-EPSS: 0.001170000
NVD-IS: 5.2
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2021-3560
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
FIRST-EPSS: 0.011770000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-12439
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2017-12439. SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross-site scripting, and unvalidated redirection issues.
FIRST-EPSS: 0.001180000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-6287
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-6287. SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
FIRST-EPSS: 0.972740000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-5689
DESCRIPTION: Exploit Observer has 82 entries related to CVE-2017-5689. An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
FIRST-EPSS: 0.974160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8554
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-8554. The Kubernetes API server in all versions allows an attacker who is able to create a ClusterIP service and set the spec.externalIPs field to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
FIRST-EPSS: 0.002380000
NVD-IS: 3.4
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-10213
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10213. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
FIRST-EPSS: 0.003270000
NVD-IS: 5.9
NVD-ES: 2.8