#ExploitObserverAlert
CVE-2023-44487
DESCRIPTION: Exploit Observer has 85 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
FIRST-EPSS: 0.601570000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-44487
DESCRIPTION: Exploit Observer has 85 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
FIRST-EPSS: 0.601570000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-7672
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-7672. If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version 2.5.12.
FIRST-EPSS: 0.053570000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2017-7672
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-7672. If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version 2.5.12.
FIRST-EPSS: 0.053570000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2021-36369
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-36369. An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.
FIRST-EPSS: 0.000870000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-36369
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-36369. An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.
FIRST-EPSS: 0.000870000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-34527
DESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.968610000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-34527
DESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.968610000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-4438
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2016-4438. The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression.
FIRST-EPSS: 0.066830000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-4438
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2016-4438. The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression.
FIRST-EPSS: 0.066830000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-30967
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-30967. Jenkins Selection tasks Plugin 1.0 and earlier does not escape the name and description of Script Selection task variable parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
FIRST-EPSS: 0.000770000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2022-30967
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-30967. Jenkins Selection tasks Plugin 1.0 and earlier does not escape the name and description of Script Selection task variable parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
FIRST-EPSS: 0.000770000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2020-14364
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-14364. An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
FIRST-EPSS: 0.000470000
NVD-IS: 3.7
NVD-ES: 0.8
CVE-2020-14364
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-14364. An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
FIRST-EPSS: 0.000470000
NVD-IS: 3.7
NVD-ES: 0.8
#ExploitObserverAlert
CVE-2020-14975
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-14975. The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124.
FIRST-EPSS: 0.000510000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-14975
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-14975. The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124.
FIRST-EPSS: 0.000510000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-22954
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
FIRST-EPSS: 0.974020000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-22954
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
FIRST-EPSS: 0.974020000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-1801
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2021-1801. This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.
FIRST-EPSS: 0.002300000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2021-1801
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2021-1801. This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.
FIRST-EPSS: 0.002300000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-41040
DESCRIPTION: Exploit Observer has 99 entries related to CVE-2022-41040. Microsoft Exchange Server Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.965310000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-41040
DESCRIPTION: Exploit Observer has 99 entries related to CVE-2022-41040. Microsoft Exchange Server Elevation of Privilege Vulnerability.
FIRST-EPSS: 0.965310000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-17689
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2017-17689. The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
FIRST-EPSS: 0.005460000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2017-17689
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2017-17689. The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
FIRST-EPSS: 0.005460000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2010-1870
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2010-1870. The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "
CVE-2010-1870
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2010-1870. The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "
#ExploitObserverAlert
CVE-2010-5107
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2010-5107. The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
FIRST-EPSS: 0.078700000
NVD-IS: 2.9
NVD-ES: 10.0
CVE-2010-5107
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2010-5107. The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
FIRST-EPSS: 0.078700000
NVD-IS: 2.9
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2017-13079
DESCRIPTION: Exploit Observer has 31 entries related to CVE-2017-13079. Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
FIRST-EPSS: 0.001360000
NVD-IS: 3.6
NVD-ES: 1.6
CVE-2017-13079
DESCRIPTION: Exploit Observer has 31 entries related to CVE-2017-13079. Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
FIRST-EPSS: 0.001360000
NVD-IS: 3.6
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2019-5029
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2019-5029. An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker can execute any command as the user running the Exhibitor process.
FIRST-EPSS: 0.936410000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-5029
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2019-5029. An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker can execute any command as the user running the Exhibitor process.
FIRST-EPSS: 0.936410000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2012-0814
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2012-0814. The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
FIRST-EPSS: 0.002850000
NVD-IS: 2.9
NVD-ES: 6.8
CVE-2012-0814
DESCRIPTION: Exploit Observer has 24 entries related to CVE-2012-0814. The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
FIRST-EPSS: 0.002850000
NVD-IS: 2.9
NVD-ES: 6.8
#ExploitObserverAlert
CVE-2022-30966
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-30966. Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
FIRST-EPSS: 0.000770000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2022-30966
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-30966. Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
FIRST-EPSS: 0.000770000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2021-3156
DESCRIPTION: Exploit Observer has 373 entries related to CVE-2021-3156. Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
FIRST-EPSS: 0.965750000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-3156
DESCRIPTION: Exploit Observer has 373 entries related to CVE-2021-3156. Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
FIRST-EPSS: 0.965750000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-20197
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2019-20197. In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
FIRST-EPSS: 0.012490000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-20197
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2019-20197. In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
FIRST-EPSS: 0.012490000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-0540
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2022-0540. A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
FIRST-EPSS: 0.158000000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-0540
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2022-0540. A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
FIRST-EPSS: 0.158000000
NVD-IS: 5.9
NVD-ES: 3.9