#ExploitObserverAlert
CVE-2021-4355
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-4355. The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the download_orderdetail_list(), change_orderlist(), and download_member_list() functions called via admin_init hooks in versions up to, and including, 2.2.7. This makes it possible for unauthenticated attackers to download lists of members, products and orders.
FIRST-EPSS: 0.000720000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2021-4355
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-4355. The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the download_orderdetail_list(), change_orderlist(), and download_member_list() functions called via admin_init hooks in versions up to, and including, 2.2.7. This makes it possible for unauthenticated attackers to download lists of members, products and orders.
FIRST-EPSS: 0.000720000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-26855
DESCRIPTION: Exploit Observer has 190 entries related to CVE-2021-26855. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.975300000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-26855
DESCRIPTION: Exploit Observer has 190 entries related to CVE-2021-26855. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.975300000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-27943
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-27943. libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
FIRST-EPSS: 0.000610000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2022-27943
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-27943. libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
FIRST-EPSS: 0.000610000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-9715
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-9715. Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
FIRST-EPSS: 0.387920000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-9715
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-9715. Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
FIRST-EPSS: 0.387920000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-12272
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-12272. In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
FIRST-EPSS: 0.001290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-12272
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-12272. In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
FIRST-EPSS: 0.001290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-15642
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2019-15642. rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users."
FIRST-EPSS: 0.269940000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-15642
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2019-15642. rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users."
FIRST-EPSS: 0.269940000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-0847
DESCRIPTION: Exploit Observer has 349 entries related to CVE-2022-0847. A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
FIRST-EPSS: 0.075840000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-0847
DESCRIPTION: Exploit Observer has 349 entries related to CVE-2022-0847. A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
FIRST-EPSS: 0.075840000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2018-9995
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2018-9995. TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user
CVE-2018-9995
DESCRIPTION: Exploit Observer has 103 entries related to CVE-2018-9995. TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user
#ExploitObserverAlert
CVE-2023-2953
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2953. A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
FIRST-EPSS: 0.004070000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-2953
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2953. A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
FIRST-EPSS: 0.004070000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-13382
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2018-13382. An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
FIRST-EPSS: 0.895730000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-13382
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2018-13382. An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
FIRST-EPSS: 0.895730000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-31166
DESCRIPTION: Exploit Observer has 49 entries related to CVE-2021-31166. HTTP Protocol Stack Remote Code Execution Vulnerability
FIRST-EPSS: 0.972300000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-31166
DESCRIPTION: Exploit Observer has 49 entries related to CVE-2021-31166. HTTP Protocol Stack Remote Code Execution Vulnerability
FIRST-EPSS: 0.972300000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-15473
DESCRIPTION: Exploit Observer has 128 entries related to CVE-2018-15473. OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
FIRST-EPSS: 0.032470000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2018-15473
DESCRIPTION: Exploit Observer has 128 entries related to CVE-2018-15473. OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
FIRST-EPSS: 0.032470000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-5195
DESCRIPTION: Exploit Observer has 544 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-5195
DESCRIPTION: Exploit Observer has 544 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-9791
DESCRIPTION: Exploit Observer has 46 entries related to CVE-2017-9791. The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
FIRST-EPSS: 0.974480000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-9791
DESCRIPTION: Exploit Observer has 46 entries related to CVE-2017-9791. The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
FIRST-EPSS: 0.974480000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-9805
DESCRIPTION: Exploit Observer has 143 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-9805
DESCRIPTION: Exploit Observer has 143 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-22916
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-22916. ** DISPUTED ** An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2020-22916
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-22916. ** DISPUTED ** An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-2725
DESCRIPTION: Exploit Observer has 162 entries related to CVE-2019-2725. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975620000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-2725
DESCRIPTION: Exploit Observer has 162 entries related to CVE-2019-2725. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975620000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-36179
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-36179. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
FIRST-EPSS: 0.003570000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2020-36179
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-36179. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
FIRST-EPSS: 0.003570000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-3817
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-3817. Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_check(), DH_check_ex()
or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long
delays. Where the key or parameters that are being checked have been obtained
from an untrusted source this may lead to a Denial of Service.
The function DH_check() performs various checks on DH parameters. After fixing
CVE-2023-3446 it was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A correct q value,
if present, cannot be larger than the modulus p parameter, thus it is
unnecessary to perform these checks if q is larger than p.
An application that calls DH_check() and supplies a key or parameters obtained
from an untrusted source could be vulnerable to a Denial of Service attack.
The function DH_check() is itself called by a number of other OpenSSL functions.
An application calling any of those other functions may similarly be affected.
The other functions affected by this are DH_check_ex() and
EVP_PKEY_param_check().
Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
when using the "-check" option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.001640000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-3817
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-3817. Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_check(), DH_check_ex()
or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long
delays. Where the key or parameters that are being checked have been obtained
from an untrusted source this may lead to a Denial of Service.
The function DH_check() performs various checks on DH parameters. After fixing
CVE-2023-3446 it was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A correct q value,
if present, cannot be larger than the modulus p parameter, thus it is
unnecessary to perform these checks if q is larger than p.
An application that calls DH_check() and supplies a key or parameters obtained
from an untrusted source could be vulnerable to a Denial of Service attack.
The function DH_check() is itself called by a number of other OpenSSL functions.
An application calling any of those other functions may similarly be affected.
The other functions affected by this are DH_check_ex() and
EVP_PKEY_param_check().
Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
when using the "-check" option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.001640000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-8449
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-8449. The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
FIRST-EPSS: 0.244440000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2019-8449
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-8449. The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
FIRST-EPSS: 0.244440000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-11651
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
FIRST-EPSS: 0.974930000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-11651
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
FIRST-EPSS: 0.974930000
NVD-IS: 5.9
NVD-ES: 3.9