#ExploitObserverAlert
CVE-2018-15473
DESCRIPTION: Exploit Observer has 128 entries related to CVE-2018-15473. OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
FIRST-EPSS: 0.032470000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2018-15473
DESCRIPTION: Exploit Observer has 128 entries related to CVE-2018-15473. OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
FIRST-EPSS: 0.032470000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-5195
DESCRIPTION: Exploit Observer has 544 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-5195
DESCRIPTION: Exploit Observer has 544 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-9791
DESCRIPTION: Exploit Observer has 46 entries related to CVE-2017-9791. The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
FIRST-EPSS: 0.974480000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-9791
DESCRIPTION: Exploit Observer has 46 entries related to CVE-2017-9791. The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
FIRST-EPSS: 0.974480000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-9805
DESCRIPTION: Exploit Observer has 143 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-9805
DESCRIPTION: Exploit Observer has 143 entries related to CVE-2017-9805. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
FIRST-EPSS: 0.975450000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-22916
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-22916. ** DISPUTED ** An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2020-22916
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-22916. ** DISPUTED ** An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-2725
DESCRIPTION: Exploit Observer has 162 entries related to CVE-2019-2725. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975620000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-2725
DESCRIPTION: Exploit Observer has 162 entries related to CVE-2019-2725. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.975620000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-36179
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-36179. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
FIRST-EPSS: 0.003570000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2020-36179
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-36179. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
FIRST-EPSS: 0.003570000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-3817
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-3817. Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_check(), DH_check_ex()
or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long
delays. Where the key or parameters that are being checked have been obtained
from an untrusted source this may lead to a Denial of Service.
The function DH_check() performs various checks on DH parameters. After fixing
CVE-2023-3446 it was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A correct q value,
if present, cannot be larger than the modulus p parameter, thus it is
unnecessary to perform these checks if q is larger than p.
An application that calls DH_check() and supplies a key or parameters obtained
from an untrusted source could be vulnerable to a Denial of Service attack.
The function DH_check() is itself called by a number of other OpenSSL functions.
An application calling any of those other functions may similarly be affected.
The other functions affected by this are DH_check_ex() and
EVP_PKEY_param_check().
Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
when using the "-check" option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.001640000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-3817
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-3817. Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_check(), DH_check_ex()
or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long
delays. Where the key or parameters that are being checked have been obtained
from an untrusted source this may lead to a Denial of Service.
The function DH_check() performs various checks on DH parameters. After fixing
CVE-2023-3446 it was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A correct q value,
if present, cannot be larger than the modulus p parameter, thus it is
unnecessary to perform these checks if q is larger than p.
An application that calls DH_check() and supplies a key or parameters obtained
from an untrusted source could be vulnerable to a Denial of Service attack.
The function DH_check() is itself called by a number of other OpenSSL functions.
An application calling any of those other functions may similarly be affected.
The other functions affected by this are DH_check_ex() and
EVP_PKEY_param_check().
Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
when using the "-check" option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.001640000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-8449
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-8449. The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
FIRST-EPSS: 0.244440000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2019-8449
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-8449. The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
FIRST-EPSS: 0.244440000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-11651
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
FIRST-EPSS: 0.974930000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-11651
DESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
FIRST-EPSS: 0.974930000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2011-2005
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2011-2005. afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.000570000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2011-2005
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2011-2005. afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.000570000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-3396
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2019-3396. The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
FIRST-EPSS: 0.975040000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-3396
DESCRIPTION: Exploit Observer has 106 entries related to CVE-2019-3396. The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
FIRST-EPSS: 0.975040000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-20338
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-20338. In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-171966843
FIRST-EPSS: 0.000420000
NVD-IS: 1.4
NVD-ES: 1.8
CVE-2022-20338
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-20338. In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-171966843
FIRST-EPSS: 0.000420000
NVD-IS: 1.4
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-27850
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2021-27850. A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker was able to download the file `AppModule.class` by requesting the URL `http://localhost:8080/assets/something/services/AppModule.class` which contains a HMAC secret key. The fix for that bug was a blacklist filter that checks if the URL ends with `.class`, `.properties` or `.xml`. Bypass: Unfortunately, the blacklist solution can simply be bypassed by appending a `/` at the end of the URL: `http://localhost:8080/assets/something/services/AppModule.class/` The slash is stripped after the blacklist check and the file `AppModule.class` is loaded into the response. This class usually contains the HMAC secret key which is used to sign serialized Java objects. With the knowledge of that key an attacker can sign a Java gadget chain that leads to RCE (e.g. CommonsBeanUtils1 from ysoserial). Solution for this vulnerability: * For Apache Tapestry 5.4.0 to 5.6.1, upgrade to 5.6.2 or later. * For Apache Tapestry 5.7.0, upgrade to 5.7.1 or later.
FIRST-EPSS: 0.974140000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-27850
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2021-27850. A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker was able to download the file `AppModule.class` by requesting the URL `http://localhost:8080/assets/something/services/AppModule.class` which contains a HMAC secret key. The fix for that bug was a blacklist filter that checks if the URL ends with `.class`, `.properties` or `.xml`. Bypass: Unfortunately, the blacklist solution can simply be bypassed by appending a `/` at the end of the URL: `http://localhost:8080/assets/something/services/AppModule.class/` The slash is stripped after the blacklist check and the file `AppModule.class` is loaded into the response. This class usually contains the HMAC secret key which is used to sign serialized Java objects. With the knowledge of that key an attacker can sign a Java gadget chain that leads to RCE (e.g. CommonsBeanUtils1 from ysoserial). Solution for this vulnerability: * For Apache Tapestry 5.4.0 to 5.6.1, upgrade to 5.6.2 or later. * For Apache Tapestry 5.7.0, upgrade to 5.7.1 or later.
FIRST-EPSS: 0.974140000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-12409
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2019-12409. The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
FIRST-EPSS: 0.057530000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-12409
DESCRIPTION: Exploit Observer has 26 entries related to CVE-2019-12409. The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
FIRST-EPSS: 0.057530000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-3602
DESCRIPTION: Exploit Observer has 94 entries related to CVE-2022-3602. A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).
FIRST-EPSS: 0.023270000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-3602
DESCRIPTION: Exploit Observer has 94 entries related to CVE-2022-3602. A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).
FIRST-EPSS: 0.023270000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-42287
DESCRIPTION: Exploit Observer has 104 entries related to CVE-2021-42287. Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.
FIRST-EPSS: 0.926130000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-42287
DESCRIPTION: Exploit Observer has 104 entries related to CVE-2021-42287. Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.
FIRST-EPSS: 0.926130000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-1732
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2021-1732. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
FIRST-EPSS: 0.006840000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-1732
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2021-1732. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
FIRST-EPSS: 0.006840000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2003-0127
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2003-0127. The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
FIRST-EPSS: 0.000430000
NVD-IS: 10.0
NVD-ES: 3.9
CVE-2003-0127
DESCRIPTION: Exploit Observer has 59 entries related to CVE-2003-0127. The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
FIRST-EPSS: 0.000430000
NVD-IS: 10.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-26857
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2021-26857. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.456740000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-26857
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2021-26857. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
FIRST-EPSS: 0.456740000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2014-0160
DESCRIPTION: Exploit Observer has 650 entries related to CVE-2014-0160. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
FIRST-EPSS: 0.975180000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2014-0160
DESCRIPTION: Exploit Observer has 650 entries related to CVE-2014-0160. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
FIRST-EPSS: 0.975180000
NVD-IS: 3.6
NVD-ES: 3.9