#ExploitObserverAlert
CVE-2009-1151
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2009-1151. Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
FIRST-EPSS: 0.792560000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2009-1151
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2009-1151. Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
FIRST-EPSS: 0.792560000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-20191
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2021-20191
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-22204
DESCRIPTION: Exploit Observer has 84 entries related to CVE-2021-22204. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
FIRST-EPSS: 0.875560000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-22204
DESCRIPTION: Exploit Observer has 84 entries related to CVE-2021-22204. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
FIRST-EPSS: 0.875560000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-22809
DESCRIPTION: Exploit Observer has 214 entries related to CVE-2023-22809. In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-22809
DESCRIPTION: Exploit Observer has 214 entries related to CVE-2023-22809. In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-4886
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
FIRST-EPSS: 0.000750000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-22518
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22518
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-46290
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-46290. Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms
FIRST-EPSS: 0.000550000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-46290
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-46290. Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms
FIRST-EPSS: 0.000550000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-20191
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2021-20191
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
FIRST-EPSS: 0.000450000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-34039
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-34039. Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
FIRST-EPSS: 0.212410000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-34039
DESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-34039. Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
FIRST-EPSS: 0.212410000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-48149
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-48149. Online Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.
FIRST-EPSS: 0.000760000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-48149
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-48149. Online Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.
FIRST-EPSS: 0.000760000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-42100
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-42100. KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form.
FIRST-EPSS: 0.000510000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2022-42100
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-42100. KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form.
FIRST-EPSS: 0.000510000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2020-0681
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2020-0681. A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0734.
FIRST-EPSS: 0.013620000
NVD-IS: 5.9
NVD-ES: 1.6
CVE-2020-0681
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2020-0681. A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0734.
FIRST-EPSS: 0.013620000
NVD-IS: 5.9
NVD-ES: 1.6
#ExploitObserverAlert
CVE-2023-22515
DESCRIPTION: Exploit Observer has 209 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22515
DESCRIPTION: Exploit Observer has 209 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-34527
DESCRIPTION: Exploit Observer has 193 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.967920000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-34527
DESCRIPTION: Exploit Observer has 193 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability
FIRST-EPSS: 0.967920000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-36054
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36054. lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
FIRST-EPSS: 0.002320000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-36054
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36054. lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
FIRST-EPSS: 0.002320000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-20198
DESCRIPTION: Exploit Observer has 153 entries related to CVE-2023-20198. Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory
Cisco will provide updates on the status of this investigation and when a software patch is available.
FIRST-EPSS: 0.925950000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2023-20198
DESCRIPTION: Exploit Observer has 153 entries related to CVE-2023-20198. Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory
Cisco will provide updates on the status of this investigation and when a software patch is available.
FIRST-EPSS: 0.925950000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-36934
DESCRIPTION: Exploit Observer has 100 entries related to CVE-2021-36934. Windows Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-36934
DESCRIPTION: Exploit Observer has 100 entries related to CVE-2021-36934. Windows Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-45382
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-45382. A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
FIRST-EPSS: 0.946040000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-45382
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-45382. A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
FIRST-EPSS: 0.946040000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-6574
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2018-6574. Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
FIRST-EPSS: 0.007090000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-6574
DESCRIPTION: Exploit Observer has 121 entries related to CVE-2018-6574. Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
FIRST-EPSS: 0.007090000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-4528
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-4528. Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2023-4528
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-4528. Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.2