#ExploitObserverAlert
CVE-2008-5161
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2008-5161. Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
FIRST-EPSS: 0.010490000
NVD-IS: 2.9
NVD-ES: 4.9
CVE-2008-5161
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2008-5161. Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
FIRST-EPSS: 0.010490000
NVD-IS: 2.9
NVD-ES: 4.9
#ExploitObserverAlert
CVE-2023-29689
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-29689. PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.
FIRST-EPSS: 0.005910000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-29689
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-29689. PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.
FIRST-EPSS: 0.005910000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-16905
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2017-16905. The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequently achieve remote code execution, via a man-in-the-middle attack.
FIRST-EPSS: 0.010910000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-16905
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2017-16905. The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequently achieve remote code execution, via a man-in-the-middle attack.
FIRST-EPSS: 0.010910000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-24023
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
FIRST-EPSS: 0.000460000
NVD-IS: 5.2
NVD-ES: 1.6
CVE-2023-24023
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
FIRST-EPSS: 0.000460000
NVD-IS: 5.2
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2019-17564
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2019-17564. Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions.
FIRST-EPSS: 0.029430000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-17564
DESCRIPTION: Exploit Observer has 38 entries related to CVE-2019-17564. Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions.
FIRST-EPSS: 0.029430000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-16850
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-16850. Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.
FIRST-EPSS: 0.000770000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-16850
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-16850. Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.
FIRST-EPSS: 0.000770000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-5638
DESCRIPTION: Exploit Observer has 345 entries related to CVE-2017-5638. The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a
CVE-2017-5638
DESCRIPTION: Exploit Observer has 345 entries related to CVE-2017-5638. The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a
#ExploitObserverAlert
CVE-2015-2208
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2015-2208. The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.
FIRST-EPSS: 0.968030000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2015-2208
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2015-2208. The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.
FIRST-EPSS: 0.968030000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-12873
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-12873. An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.
FIRST-EPSS: 0.000840000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-12873
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-12873. An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.
FIRST-EPSS: 0.000840000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-37434
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2022-37434. zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
FIRST-EPSS: 0.004010000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-37434
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2022-37434. zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
FIRST-EPSS: 0.004010000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-10234
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-10234. The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \DosDevices\AscRegistryFilter and \Device\AscRegistryFilter are affected.
FIRST-EPSS: 0.001280000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2020-10234
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-10234. The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \DosDevices\AscRegistryFilter and \Device\AscRegistryFilter are affected.
FIRST-EPSS: 0.001280000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-1967
DESCRIPTION: Exploit Observer has 57 entries related to CVE-2020-1967. Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
FIRST-EPSS: 0.099530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-1967
DESCRIPTION: Exploit Observer has 57 entries related to CVE-2020-1967. Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
FIRST-EPSS: 0.099530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-12122
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-12122. In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-12122
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-12122. In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-4316
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2013-4316. Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.
FIRST-EPSS: 0.008710000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2013-4316
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2013-4316. Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.
FIRST-EPSS: 0.008710000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-21768
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2023-21768. Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
FIRST-EPSS: 0.016680000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-21768
DESCRIPTION: Exploit Observer has 30 entries related to CVE-2023-21768. Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
FIRST-EPSS: 0.016680000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-10214
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10214. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server.
FIRST-EPSS: 0.001210000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-10214
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10214. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server.
FIRST-EPSS: 0.001210000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-46214
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
FIRST-EPSS: 0.144520000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-46214
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
FIRST-EPSS: 0.144520000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-13082
DESCRIPTION: Exploit Observer has 33 entries related to CVE-2017-13082. Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
FIRST-EPSS: 0.001220000
NVD-IS: 5.2
NVD-ES: 2.8
CVE-2017-13082
DESCRIPTION: Exploit Observer has 33 entries related to CVE-2017-13082. Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
FIRST-EPSS: 0.001220000
NVD-IS: 5.2
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-6537
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-6537. Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
FIRST-EPSS: 0.005210000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2020-6537
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-6537. Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
FIRST-EPSS: 0.005210000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-25592
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-25592. In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
FIRST-EPSS: 0.450680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-25592
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-25592. In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
FIRST-EPSS: 0.450680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-36884
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-36884. The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
FIRST-EPSS: 0.000750000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2022-36884
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-36884. The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
FIRST-EPSS: 0.000750000
NVD-IS: 1.4
NVD-ES: 3.9