#ExploitObserverAlert
CVE-2023-36409
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36409. Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
FIRST-EPSS: 0.000630000
NVD-IS: 2.5
NVD-ES: 3.9
CVE-2023-36409
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36409. Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
FIRST-EPSS: 0.000630000
NVD-IS: 2.5
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-49103
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.163940000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-15103
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-15103. In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto
FIRST-EPSS: 0.001110000
NVD-IS: 1.4
NVD-ES: 2.1
CVE-2020-15103
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-15103. In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto
FIRST-EPSS: 0.001110000
NVD-IS: 1.4
NVD-ES: 2.1
#ExploitObserverAlert
CVE-2022-22965
DESCRIPTION: Exploit Observer has 363 entries related to CVE-2022-22965. A Spring MVC or Spring WebFlux application running on JDK 9 may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
FIRST-EPSS: 0.974510000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-22965
DESCRIPTION: Exploit Observer has 363 entries related to CVE-2022-22965. A Spring MVC or Spring WebFlux application running on JDK 9 may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
FIRST-EPSS: 0.974510000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-1717
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-1717. Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`.
FIRST-EPSS: 0.001190000
NVD-IS: 6.0
NVD-ES: 2.8
CVE-2023-1717
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-1717. Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`.
FIRST-EPSS: 0.001190000
NVD-IS: 6.0
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2017-18019
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2017-18019. In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the product crashes upon a \\.\K7Sentry DeviceIoControl call with an invalid kernel pointer.
FIRST-EPSS: 0.000640000
NVD-IS: 5.2
NVD-ES: 1.8
CVE-2017-18019
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2017-18019. In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the product crashes upon a \\.\K7Sentry DeviceIoControl call with an invalid kernel pointer.
FIRST-EPSS: 0.000640000
NVD-IS: 5.2
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-34034
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-34034. Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass.
FIRST-EPSS: 0.002050000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-34034
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-34034. Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass.
FIRST-EPSS: 0.002050000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-22518
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22518
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-40444
DESCRIPTION: Exploit Observer has 223 entries related to CVE-2021-40444. Microsoft MSHTML Remote Code Execution Vulnerability
FIRST-EPSS: 0.971910000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-40444
DESCRIPTION: Exploit Observer has 223 entries related to CVE-2021-40444. Microsoft MSHTML Remote Code Execution Vulnerability
FIRST-EPSS: 0.971910000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-4966
DESCRIPTION: Exploit Observer has 337 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-4966
DESCRIPTION: Exploit Observer has 337 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-34473
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2021-34473. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.
FIRST-EPSS: 0.973440000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-34473
DESCRIPTION: Exploit Observer has 81 entries related to CVE-2021-34473. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.
FIRST-EPSS: 0.973440000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-2291
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2015-2291. (1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.
FIRST-EPSS: 0.000650000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2015-2291
DESCRIPTION: Exploit Observer has 14 entries related to CVE-2015-2291. (1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.
FIRST-EPSS: 0.000650000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-17087
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-17087. Windows Kernel Local Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001040000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-17087
DESCRIPTION: Exploit Observer has 18 entries related to CVE-2020-17087. Windows Kernel Local Elevation of Privilege Vulnerability
FIRST-EPSS: 0.001040000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-0313
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2015-0313. Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
FIRST-EPSS: 0.972920000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2015-0313
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2015-0313. Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
FIRST-EPSS: 0.972920000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2016-0165
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-0165. The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0167.
FIRST-EPSS: 0.004360000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-0165
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2016-0165. The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0167.
FIRST-EPSS: 0.004360000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2020-12812
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-12812. An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
FIRST-EPSS: 0.005550000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-12812
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2020-12812. An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
FIRST-EPSS: 0.005550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2015-2590
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2015-2590. Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
FIRST-EPSS: 0.023800000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2015-2590
DESCRIPTION: Exploit Observer has 25 entries related to CVE-2015-2590. Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
FIRST-EPSS: 0.023800000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2015-2425
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2015-2425. Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2384.
FIRST-EPSS: 0.963400000
NVD-IS: 10.0
NVD-ES: 8.6
CVE-2015-2425
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2015-2425. Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2384.
FIRST-EPSS: 0.963400000
NVD-IS: 10.0
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2023-46604
DESCRIPTION: Exploit Observer has 96 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.968050000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-46604
DESCRIPTION: Exploit Observer has 96 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
FIRST-EPSS: 0.968050000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-38205
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2023-38205. Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
FIRST-EPSS: 0.835160000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-38205
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2023-38205. Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
FIRST-EPSS: 0.835160000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-22991
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-22991. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TMM) URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may theoretically allow bypass of URL based access control or remote code execution (RCE). Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
FIRST-EPSS: 0.791400000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-22991
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-22991. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TMM) URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may theoretically allow bypass of URL based access control or remote code execution (RCE). Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
FIRST-EPSS: 0.791400000
NVD-IS: 5.9
NVD-ES: 3.9