#ExploitObserverAlert
CVE-2023-6992
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-6992. The Cloudflare version of the zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and a heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file, potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
#ExploitObserverAlert
CVE-2020-11110
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-11110. Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
FIRST-EPSS: 0.005120000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2023-34327
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2023-34327.
#ExploitObserverAlert
CVE-2016-10750
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-10750. In Hazelcast before 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist in the classpath, the attacker can run arbitrary code.
FIRST-EPSS: 0.026100000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2016-2000
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2016-2000. HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
FIRST-EPSS: 0.003240000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-26914
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-26914. NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in MvcUtil valueStringToObject.
FIRST-EPSS: 0.634780000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-28503
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-28503. Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.
FIRST-EPSS: 0.015220000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-15693
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2017-15693. In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:WRITE access to the cluster may be able to cause remote code execution if certain classes are present on the classpath.
FIRST-EPSS: 0.010930000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2020-36254
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2020-36254. scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
FIRST-EPSS: 0.002220000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2016-9498
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2016-9498. ManageEngine Applications Manager 12 and 13 before build 13200 allows unserialization of unsafe Java objects. The vulnerability can be exploited by a remote user without authentication and allows remote code execution, compromising the application as well as the operating system. As Applications Manager's RMI registry runs with the privileges of the system administrator, an attacker exploiting this vulnerability gains the highest privileges on the underlying operating system.
FIRST-EPSS: 0.023560000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-15381
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-15381. A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to the listening Java Remote Method Invocation (RMI) service. A successful exploit could allow the attacker to execute arbitrary commands on the device with root privileges.
FIRST-EPSS: 0.885110000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-40367
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2021-40367. A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing DICOM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15097)
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2016-5004
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2016-5004. The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.
FIRST-EPSS: 0.002180000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-2003
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2016-2003. HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
FIRST-EPSS: 0.003240000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-5229
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2016-5229. Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not properly restrict permitted deserialized classes, which allows remote attackers to execute arbitrary code via vectors related to XStream Serialization.
FIRST-EPSS: 0.041710000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-1567
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-1567. IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. IBM X-Force ID: 143024.
FIRST-EPSS: 0.004110000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-6934
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2015-6934. Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
FIRST-EPSS: 0.002910000
NVD-IS: 3.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-11518
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2020-11518. Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
FIRST-EPSS: 0.004950000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-3642
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2016-3642. The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
FIRST-EPSS: 0.006610000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-4448
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-4448. IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.
FIRST-EPSS: 0.019910000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2016-3461
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2016-3461. Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server.
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 1.2