#ExploitObserverAlert
CVE-2020-36072
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-36072. SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-36072
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-36072. SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-35854
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-35854. Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
FIRST-EPSS: 0.000670000
NVD-IS: 2.7
NVD-ES: 1.7
CVE-2020-35854
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-35854. Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
FIRST-EPSS: 0.000670000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2020-9496
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2020-9496. XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
FIRST-EPSS: 0.973380000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2020-9496
DESCRIPTION: Exploit Observer has 50 entries related to CVE-2020-9496. XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
FIRST-EPSS: 0.973380000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-0145
DESCRIPTION: Exploit Observer has 75 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0145
DESCRIPTION: Exploit Observer has 75 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
FIRST-EPSS: 0.972700000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-5725
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-5725. The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords.
FIRST-EPSS: 0.002550000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2020-5725
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-5725. The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords.
FIRST-EPSS: 0.002550000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2017-8628
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-8628. Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".
FIRST-EPSS: 0.001170000
NVD-IS: 5.2
NVD-ES: 1.6
CVE-2017-8628
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2017-8628. Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".
FIRST-EPSS: 0.001170000
NVD-IS: 5.2
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2021-3560
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
FIRST-EPSS: 0.011770000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-3560
DESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
FIRST-EPSS: 0.011770000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-12439
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2017-12439. SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross site scripting, and unvalidated redirection issues.
FIRST-EPSS: 0.001180000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2017-12439
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2017-12439. SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross site scripting, and unvalidated redirection issues.
FIRST-EPSS: 0.001180000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-6287
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-6287. SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
FIRST-EPSS: 0.972740000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2020-6287
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-6287. SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
FIRST-EPSS: 0.972740000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-5689
DESCRIPTION: Exploit Observer has 82 entries related to CVE-2017-5689. An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
FIRST-EPSS: 0.974160000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-5689
DESCRIPTION: Exploit Observer has 82 entries related to CVE-2017-5689. An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
FIRST-EPSS: 0.974160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8554
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-8554. Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
FIRST-EPSS: 0.002380000
NVD-IS: 3.4
NVD-ES: 1.6
CVE-2020-8554
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-8554. Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
FIRST-EPSS: 0.002380000
NVD-IS: 3.4
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-10213
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10213. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
FIRST-EPSS: 0.003270000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-10213
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10213. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
FIRST-EPSS: 0.003270000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-27524
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-27524. Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.
FIRST-EPSS: 0.906990000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-27524
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-27524. Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.
FIRST-EPSS: 0.906990000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-6277
DESCRIPTION: Exploit Observer has 127 entries related to CVE-2014-6277. GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.
FIRST-EPSS: 0.973120000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2014-6277
DESCRIPTION: Exploit Observer has 127 entries related to CVE-2014-6277. GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.
FIRST-EPSS: 0.973120000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-22515
DESCRIPTION: Exploit Observer has 244 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22515
DESCRIPTION: Exploit Observer has 244 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-11358
DESCRIPTION: Exploit Observer has 3669 entries related to CVE-2019-11358. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
FIRST-EPSS: 0.029520000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-11358
DESCRIPTION: Exploit Observer has 3669 entries related to CVE-2019-11358. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
FIRST-EPSS: 0.029520000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-32784
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2023-32784. In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
FIRST-EPSS: 0.001040000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-32784
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2023-32784. In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
FIRST-EPSS: 0.001040000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-35405
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2022-35405. Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)
FIRST-EPSS: 0.974500000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-35405
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2022-35405. Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)
FIRST-EPSS: 0.974500000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-0781
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2017-0781. A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.
FIRST-EPSS: 0.019700000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-0781
DESCRIPTION: Exploit Observer has 37 entries related to CVE-2017-0781. A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.
FIRST-EPSS: 0.019700000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2019-11091
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2019-11091. Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
FIRST-EPSS: 0.000610000
NVD-IS: 4.0
NVD-ES: 1.1
CVE-2019-11091
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2019-11091. Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
FIRST-EPSS: 0.000610000
NVD-IS: 4.0
NVD-ES: 1.1
#ExploitObserverAlert
CVE-2022-26923
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.006670000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-26923
DESCRIPTION: Exploit Observer has 69 entries related to CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.006670000
NVD-IS: 5.9
NVD-ES: 2.8