#ExploitObserverAlert
CVE-2023-20198
DESCRIPTION: Exploit Observer has 153 entries related to CVE-2023-20198. Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory
Cisco will provide updates on the status of this investigation and when a software patch is available.
FIRST-EPSS: 0.916150000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2023-20198
DESCRIPTION: Exploit Observer has 153 entries related to CVE-2023-20198. Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory
Cisco will provide updates on the status of this investigation and when a software patch is available.
FIRST-EPSS: 0.916150000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-45143
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-45143. The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.
FIRST-EPSS: 0.002540000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-45143
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-45143. The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.
FIRST-EPSS: 0.002540000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-0224
DESCRIPTION: Exploit Observer has 367 entries related to CVE-2014-0224. OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
FIRST-EPSS: 0.974040000
NVD-IS: 5.2
NVD-ES: 2.2
CVE-2014-0224
DESCRIPTION: Exploit Observer has 367 entries related to CVE-2014-0224. OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
FIRST-EPSS: 0.974040000
NVD-IS: 5.2
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2016-2178
DESCRIPTION: Exploit Observer has 70 entries related to CVE-2016-2178. The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
FIRST-EPSS: 0.001350000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2016-2178
DESCRIPTION: Exploit Observer has 70 entries related to CVE-2016-2178. The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
FIRST-EPSS: 0.001350000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-0492
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2022-0492. A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
FIRST-EPSS: 0.000450000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-0492
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2022-0492. A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
FIRST-EPSS: 0.000450000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2011-2523
DESCRIPTION: Exploit Observer has 52 entries related to CVE-2011-2523. vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
FIRST-EPSS: 0.883420000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2011-2523
DESCRIPTION: Exploit Observer has 52 entries related to CVE-2011-2523. vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
FIRST-EPSS: 0.883420000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-7921
DESCRIPTION: Exploit Observer has 39 entries related to CVE-2017-7921. An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
FIRST-EPSS: 0.013610000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2017-7921
DESCRIPTION: Exploit Observer has 39 entries related to CVE-2017-7921. An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
FIRST-EPSS: 0.013610000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-0160
DESCRIPTION: Exploit Observer has 652 entries related to CVE-2014-0160. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
FIRST-EPSS: 0.975180000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2014-0160
DESCRIPTION: Exploit Observer has 652 entries related to CVE-2014-0160. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
FIRST-EPSS: 0.975180000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-22518
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22518
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-24147
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-24147. Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not sanitise the mic_comment field (Notes on time) when adding/editing an event, allowing users with privilege as low as author to add events with a Cross-Site Scripting payload in them, which will be triggered in the frontend when viewing the event.
FIRST-EPSS: 0.000580000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2021-24147
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-24147. Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not sanitise the mic_comment field (Notes on time) when adding/editing an event, allowing users with privilege as low as author to add events with a Cross-Site Scripting payload in them, which will be triggered in the frontend when viewing the event.
FIRST-EPSS: 0.000580000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2022-4381
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-4381. The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
FIRST-EPSS: 0.000450000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2022-4381
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-4381. The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
FIRST-EPSS: 0.000450000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2023-38646
DESCRIPTION: Exploit Observer has 68 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-38646
DESCRIPTION: Exploit Observer has 68 entries related to CVE-2023-38646. Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
FIRST-EPSS: 0.604450000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-6574
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2018-6574. Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
FIRST-EPSS: 0.007090000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-6574
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2018-6574. Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
FIRST-EPSS: 0.007090000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2009-1151
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2009-1151. Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
FIRST-EPSS: 0.792560000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2009-1151
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2009-1151. Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
FIRST-EPSS: 0.792560000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-20191
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2021-20191
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-22204
DESCRIPTION: Exploit Observer has 84 entries related to CVE-2021-22204. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
FIRST-EPSS: 0.875560000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-22204
DESCRIPTION: Exploit Observer has 84 entries related to CVE-2021-22204. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
FIRST-EPSS: 0.875560000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-22809
DESCRIPTION: Exploit Observer has 214 entries related to CVE-2023-22809. In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-22809
DESCRIPTION: Exploit Observer has 214 entries related to CVE-2023-22809. In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-22518
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22518
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-46290
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-46290. Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms
FIRST-EPSS: 0.000550000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-46290
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-46290. Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms
FIRST-EPSS: 0.000550000
NVD-IS: 5.9
NVD-ES: 1.8