#ExploitObserverAlert
CVE-2018-8581
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2018-8581. An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
FIRST-EPSS: 0.034210000
NVD-IS: 5.2
NVD-ES: 2.2
CVE-2018-8581
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2018-8581. An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
FIRST-EPSS: 0.034210000
NVD-IS: 5.2
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-3153
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-3153. A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
FIRST-EPSS: 0.000830000
NVD-IS: 4.0
NVD-ES: 2.0
CVE-2020-3153
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-3153. A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
FIRST-EPSS: 0.000830000
NVD-IS: 4.0
NVD-ES: 2.0
#ExploitObserverAlert
CVE-2018-8174
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.974410000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2018-8174
DESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.974410000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2019-19781
DESCRIPTION: Exploit Observer has 193 entries related to CVE-2019-19781. An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
FIRST-EPSS: 0.975070000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-19781
DESCRIPTION: Exploit Observer has 193 entries related to CVE-2019-19781. An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
FIRST-EPSS: 0.975070000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-2890
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2019-2890. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.249110000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2019-2890
DESCRIPTION: Exploit Observer has 54 entries related to CVE-2019-2890. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
FIRST-EPSS: 0.249110000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-33629
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-33629. H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.
FIRST-EPSS: 0.005340000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2023-33629
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-33629. H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.
FIRST-EPSS: 0.005340000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2023-2975
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-2975. Issue summary: The AES-SIV cipher implementation contains a bug that causes
it to ignore empty associated data entries which are unauthenticated as
a consequence.
Impact summary: Applications that use the AES-SIV algorithm and want to
authenticate empty data entries as associated data can be mislead by removing
adding or reordering such empty entries as these are ignored by the OpenSSL
implementation. We are currently unaware of any such applications.
The AES-SIV algorithm allows for authentication of multiple associated
data entries along with the encryption. To authenticate empty data the
application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with
NULL pointer as the output buffer and 0 as the input buffer length.
The AES-SIV implementation in OpenSSL just returns success for such a call
instead of performing the associated data authentication operation.
The empty data thus will not be authenticated.
As this issue does not affect non-empty associated data authentication and
we expect it to be rare for an application to use empty associated data
entries this is qualified as Low severity issue.
FIRST-EPSS: 0.002780000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-2975
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-2975. Issue summary: The AES-SIV cipher implementation contains a bug that causes
it to ignore empty associated data entries which are unauthenticated as
a consequence.
Impact summary: Applications that use the AES-SIV algorithm and want to
authenticate empty data entries as associated data can be mislead by removing
adding or reordering such empty entries as these are ignored by the OpenSSL
implementation. We are currently unaware of any such applications.
The AES-SIV algorithm allows for authentication of multiple associated
data entries along with the encryption. To authenticate empty data the
application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with
NULL pointer as the output buffer and 0 as the input buffer length.
The AES-SIV implementation in OpenSSL just returns success for such a call
instead of performing the associated data authentication operation.
The empty data thus will not be authenticated.
As this issue does not affect non-empty associated data authentication and
we expect it to be rare for an application to use empty associated data
entries this is qualified as Low severity issue.
FIRST-EPSS: 0.002780000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-18635
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2017-18635. An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
FIRST-EPSS: 0.005060000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2017-18635
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2017-18635. An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
FIRST-EPSS: 0.005060000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-8759
DESCRIPTION: Exploit Observer has 116 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
FIRST-EPSS: 0.970420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-8759
DESCRIPTION: Exploit Observer has 116 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
FIRST-EPSS: 0.970420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-3715
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2022-3715. A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-3715
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2022-3715. A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-34558
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2021-34558. The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
FIRST-EPSS: 0.002550000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2021-34558
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2021-34558. The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
FIRST-EPSS: 0.002550000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4016
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-4016. Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
FIRST-EPSS: 0.000430000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-4016
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-4016. Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
FIRST-EPSS: 0.000430000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-10392
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2019-10392. Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
FIRST-EPSS: 0.947360000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2019-10392
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2019-10392. Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
FIRST-EPSS: 0.947360000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-12611
DESCRIPTION: Exploit Observer has 27 entries related to CVE-2017-12611. In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
FIRST-EPSS: 0.973580000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2017-12611
DESCRIPTION: Exploit Observer has 27 entries related to CVE-2017-12611. In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
FIRST-EPSS: 0.973580000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-0185
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2022-0185. A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.5
CVE-2022-0185
DESCRIPTION: Exploit Observer has 56 entries related to CVE-2022-0185. A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
FIRST-EPSS: 0.000600000
NVD-IS: 5.9
NVD-ES: 2.5
#ExploitObserverAlert
CVE-2022-29464
DESCRIPTION: Exploit Observer has 91 entries related to CVE-2022-29464. Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.
FIRST-EPSS: 0.973460000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-29464
DESCRIPTION: Exploit Observer has 91 entries related to CVE-2022-29464. Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.
FIRST-EPSS: 0.973460000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-29489
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2023-29489. An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
FIRST-EPSS: 0.001670000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-29489
DESCRIPTION: Exploit Observer has 29 entries related to CVE-2023-29489. An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
FIRST-EPSS: 0.001670000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2003-0358
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2003-0358. Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
FIRST-EPSS: 0.000420000
NVD-IS: 6.4
NVD-ES: 3.9
CVE-2003-0358
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2003-0358. Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
FIRST-EPSS: 0.000420000
NVD-IS: 6.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-24765
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-24765. InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request.
FIRST-EPSS: 0.013530000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-24765
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-24765. InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request.
FIRST-EPSS: 0.013530000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-7314
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2019-7314. liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.
FIRST-EPSS: 0.024370000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-7314
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2019-7314. liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.
FIRST-EPSS: 0.024370000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-4504
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4504. Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
FIRST-EPSS: 0.001030000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2023-4504
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4504. Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
FIRST-EPSS: 0.001030000
NVD-IS: 5.9
NVD-ES: 1.0