#ExploitObserverAlert
CVE-2020-9273
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2020-9273. In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
FIRST-EPSS: 0.070130000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4863
DESCRIPTION: Exploit Observer has 65 entries related to CVE-2023-4863. Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
FIRST-EPSS: 0.410100000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-30190
DESCRIPTION: Exploit Observer has 317 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.973000000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2010-3333
DESCRIPTION: Exploit Observer has 32 entries related to CVE-2010-3333. Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."
FIRST-EPSS: 0.973400000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2003-0352
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2003-0352. Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
FIRST-EPSS: 0.970560000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-34468
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-34468. The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and rejects H2 JDBC locations. You are recommended to upgrade to version 1.22.0 or later which fixes this issue.
FIRST-EPSS: 0.857840000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4911
DESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
FIRST-EPSS: 0.018070000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-5678
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-5678. Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
FIRST-EPSS: 0.000790000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-8213
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-8213. An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
FIRST-EPSS: 0.000890000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-21972
DESCRIPTION: Exploit Observer has 132 entries related to CVE-2021-21972. The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
FIRST-EPSS: 0.974020000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-34212
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-34212. The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location. The resolution validates the JNDI URL and restricts locations to a set of allowed schemes. You are recommended to upgrade to version 1.22.0 or later which fixes this issue.
FIRST-EPSS: 0.000910000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-1472
DESCRIPTION: Exploit Observer has 412 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.974580000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-26908
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-26908. Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent.
FIRST-EPSS: 0.000440000
NVD-IS: 1.4
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-1718
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2023-1718. Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".
FIRST-EPSS: 0.001480000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-2612
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2612. Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.0
#ExploitObserverAlert
CVE-2020-17083
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2020-17083. Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17084.
FIRST-EPSS: 0.023220000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2023-45657
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-45657. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection. This issue affects Nexter: from n/a through 2.0.3.
FIRST-EPSS: 0.000760000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-3w9r-2mqj-cf5c
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-3W9R-2MQJ-CF5C. Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).
GHSS: 5.5
#ExploitObserverAlert
GHSA-2gqh-f22g-jh9g
DESCRIPTION: Exploit Observer has 1 entry related to GHSA-2GQH-F22G-JH9G. A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
GHSS: 8.8
#ExploitObserverAlert
CVE-2023-36409
DESCRIPTION: Exploit Observer has 1 entry related to CVE-2023-36409. Microsoft Edge (Chromium-based) Information Disclosure Vulnerability.
FIRST-EPSS: 0.000630000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9