#ExploitObserverAlert
CVE-2022-28069
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-28069. A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-28069
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-28069. A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-28072
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-28072. A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-28072
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-28072. A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.
FIRST-EPSS: 0.000460000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-8464
DESCRIPTION: Exploit Observer has 112 entries related to CVE-2017-8464. Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
FIRST-EPSS: 0.974560000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-8464
DESCRIPTION: Exploit Observer has 112 entries related to CVE-2017-8464. Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
FIRST-EPSS: 0.974560000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2016-4073
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2016-4073. Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.
FIRST-EPSS: 0.062500000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2016-4073
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2016-4073. Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.
FIRST-EPSS: 0.062500000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-30190
DESCRIPTION: Exploit Observer has 315 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.973000000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-30190
DESCRIPTION: Exploit Observer has 315 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.973000000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-5871
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5871.
CVE-2023-5871
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5871.
#ExploitObserverAlert
CVE-2016-0783
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2016-0783. The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time.
FIRST-EPSS: 0.002230000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2016-0783
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2016-0783. The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time.
FIRST-EPSS: 0.002230000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-19447
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2019-19447. In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
FIRST-EPSS: 0.002780000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-19447
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2019-19447. In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
FIRST-EPSS: 0.002780000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-36427
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-36427. Windows Hyper-V Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2023-36427
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-36427. Windows Hyper-V Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001460000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
CVE-2023-6276
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6276. A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/ct/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-246105 was assigned to this vulnerability.
FIRST-EPSS: 0.000450000
CVE-2023-6276
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6276. A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/ct/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-246105 was assigned to this vulnerability.
FIRST-EPSS: 0.000450000
#AwesomeIntelligenceAlert
Explore 3 additional OSINT resources now included in our collection.
https://x.com/arpsyndicate/status/1729367713351671987
Explore 3 additional OSINT resources now included in our collection.
https://x.com/arpsyndicate/status/1729367713351671987
#ExploitObserverAlert
CVE-2023-5958
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5958.
CVE-2023-5958
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5958.
#ExploitObserverAlert
CVE-2023-46604
DESCRIPTION: Exploit Observer has 97 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.966470000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46604
DESCRIPTION: Exploit Observer has 97 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.966470000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-8835
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2015-8835. The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c.
FIRST-EPSS: 0.101390000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2015-8835
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2015-8835. The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c.
FIRST-EPSS: 0.101390000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-8p63-mwfp-hjrv
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-8P63-MWFP-HJRV.
GHSA-8p63-mwfp-hjrv
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-8P63-MWFP-HJRV.
#ExploitObserverAlert
CVE-2016-4655
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2016-4655. The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
FIRST-EPSS: 0.865630000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2016-4655
DESCRIPTION: Exploit Observer has 41 entries related to CVE-2016-4655. The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
FIRST-EPSS: 0.865630000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-4252
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4252.
CVE-2023-4252
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4252.
#ExploitObserverAlert
CVE-2023-4911
DESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-4911
DESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-48034
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48034. An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.
CVE-2023-48034
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48034. An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.
#ExploitObserverAlert
CVE-2023-5620
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5620.
CVE-2023-5620
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5620.
#ExploitObserverAlert
CVE-2021-33771
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-33771. Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-33771
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-33771. Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8