ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
#ExploitObserverAlert

CVE-2019-14378

DESCRIPTION: Exploit Observer has 30 entries related to CVE-2019-14378. ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

FIRST-EPSS: 0.015650000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2020-36327

DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-36327. Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that is a dependency of another private gem that is explicitly depended on by the application. NOTE: it is not correct to use CVE-2021-24105 for every "Dependency Confusion" issue in every product.

FIRST-EPSS: 0.009930000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2014-6278

DESCRIPTION: Exploit Observer has 142 entries related to CVE-2014-6278. GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.

FIRST-EPSS: 0.973450000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert

CVE-2011-3923

DESCRIPTION: Exploit Observer has 19 entries related to CVE-2011-3923. Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.

FIRST-EPSS: 0.956640000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2017-13078

DESCRIPTION: Exploit Observer has 44 entries related to CVE-2017-13078. Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

FIRST-EPSS: 0.001360000
NVD-IS: 3.6
NVD-ES: 1.6
#ExploitObserverAlert

CVE-2020-2100

DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-2100. Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.

FIRST-EPSS: 0.003970000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2020-8913

DESCRIPTION: Exploit Observer has 19 entries related to CVE-2020-8913. A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application's data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.

FIRST-EPSS: 0.001500000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert

CVE-2016-1555

DESCRIPTION: Exploit Observer has 15 entries related to CVE-2016-1555. (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

FIRST-EPSS: 0.973210000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2023-4206

DESCRIPTION: Exploit Observer has 1 entry related to CVE-2023-4206. A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8.

FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2008-3259

DESCRIPTION: Exploit Observer has 15 entries related to CVE-2008-3259. OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.

FIRST-EPSS: 0.000420000
NVD-IS: 2.9
NVD-ES: 1.9
#ExploitObserverAlert

CVE-2012-2012

DESCRIPTION: Exploit Observer has 34 entries related to CVE-2012-2012. HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

FIRST-EPSS: 0.007140000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert

CVE-2013-1966

DESCRIPTION: Exploit Observer has 18 entries related to CVE-2013-1966. Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.

FIRST-EPSS: 0.018580000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert

CVE-2022-22942

DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-22942.

FIRST-EPSS: 0.002090000
#ExploitObserverAlert

CVE-2019-0211

DESCRIPTION: Exploit Observer has 81 entries related to CVE-2019-0211. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

FIRST-EPSS: 0.974190000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert

CVE-2020-5849

DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-5849. Unraid 6.8.0 allows authentication bypass.

FIRST-EPSS: 0.972030000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2017-5753

DESCRIPTION: Exploit Observer has 166 entries related to CVE-2017-5753. Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

FIRST-EPSS: 0.975510000
NVD-IS: 4.0
NVD-ES: 1.1
#ExploitObserverAlert

CVE-2020-25803

DESCRIPTION: Exploit Observer has 1 entry related to CVE-2020-25803. Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.

FIRST-EPSS: 0.001040000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert

CVE-2020-13487

DESCRIPTION: Exploit Observer has 27 entries related to CVE-2020-13487. The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI.

FIRST-EPSS: 0.002670000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert

CVE-2020-1921

DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-1921. In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.

FIRST-EPSS: 0.001100000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert

CVE-2017-13088

DESCRIPTION: Exploit Observer has 29 entries related to CVE-2017-13088. Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

FIRST-EPSS: 0.001360000
NVD-IS: 3.6
NVD-ES: 1.6
#ExploitObserverAlert

CVE-2020-35272

DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-35272. Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields.

FIRST-EPSS: 0.000910000
NVD-IS: 2.7
NVD-ES: 1.7