#ExploitObserverAlert
CVE-2008-5161
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2008-5161. Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
FIRST-EPSS: 0.010490000
NVD-IS: 2.9
NVD-ES: 4.9
CVE-2008-5161
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2008-5161. Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
FIRST-EPSS: 0.010490000
NVD-IS: 2.9
NVD-ES: 4.9
#ExploitObserverAlert
CVE-2023-36802
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36802. Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000540000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-36802
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36802. Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
FIRST-EPSS: 0.000540000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-22515
DESCRIPTION: Exploit Observer has 209 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22515
DESCRIPTION: Exploit Observer has 209 entries related to CVE-2023-22515. Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.955290000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-32682
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-32682. elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.
FIRST-EPSS: 0.972800000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-32682
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-32682. elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.
FIRST-EPSS: 0.972800000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-22518
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-22518
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-22518. All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
FIRST-EPSS: 0.967630000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-36563
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36563. Microsoft WordPad Information Disclosure Vulnerability
FIRST-EPSS: 0.003320000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-36563
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36563. Microsoft WordPad Information Disclosure Vulnerability
FIRST-EPSS: 0.003320000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-31777
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-31777. A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
FIRST-EPSS: 0.000680000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2022-31777
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-31777. A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
FIRST-EPSS: 0.000680000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2022-3832
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-3832. The External Media WordPress plugin before 1.0.36 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
FIRST-EPSS: 0.000450000
NVD-IS: 2.7
NVD-ES: 1.7
CVE-2022-3832
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-3832. The External Media WordPress plugin before 1.0.36 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
FIRST-EPSS: 0.000450000
NVD-IS: 2.7
NVD-ES: 1.7
#ExploitObserverAlert
CVE-2014-6271
DESCRIPTION: Exploit Observer has 740 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
FIRST-EPSS: 0.975680000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2014-6271
DESCRIPTION: Exploit Observer has 740 entries related to CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
FIRST-EPSS: 0.975680000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-9484
DESCRIPTION: Exploit Observer has 112 entries related to CVE-2020-9484. When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
FIRST-EPSS: 0.883600000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2020-9484
DESCRIPTION: Exploit Observer has 112 entries related to CVE-2020-9484. When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
FIRST-EPSS: 0.883600000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
CVE-2023-27953
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27953. The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory.
FIRST-EPSS: 0.000970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-27953
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27953. The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory.
FIRST-EPSS: 0.000970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-4966
DESCRIPTION: Exploit Observer has 257 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-4966
DESCRIPTION: Exploit Observer has 257 entries related to CVE-2023-4966. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
FIRST-EPSS: 0.922670000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-23397
DESCRIPTION: Exploit Observer has 152 entries related to CVE-2023-23397. Microsoft Outlook Elevation of Privilege Vulnerability
FIRST-EPSS: 0.891780000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-23397
DESCRIPTION: Exploit Observer has 152 entries related to CVE-2023-23397. Microsoft Outlook Elevation of Privilege Vulnerability
FIRST-EPSS: 0.891780000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-4113
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-4113. A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-235960. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.003010000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2023-4113
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-4113. A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-235960. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.003010000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-45143
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-45143. The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.
FIRST-EPSS: 0.002540000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-45143
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-45143. The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.
FIRST-EPSS: 0.002540000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-48503
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-48503. The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.
FIRST-EPSS: 0.000850000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2022-48503
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-48503. The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.
FIRST-EPSS: 0.000850000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-9757
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-9757. The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller.
FIRST-EPSS: 0.970310000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-9757
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-9757. The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller.
FIRST-EPSS: 0.970310000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2014-0546
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2014-0546. Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
FIRST-EPSS: 0.012630000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2014-0546
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2014-0546. Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
FIRST-EPSS: 0.012630000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2018-0802
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2018-0802. Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
FIRST-EPSS: 0.973170000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2018-0802
DESCRIPTION: Exploit Observer has 78 entries related to CVE-2018-0802. Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
FIRST-EPSS: 0.973170000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-32031
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-32031. Microsoft Exchange Server Remote Code Execution Vulnerability
FIRST-EPSS: 0.143360000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-32031
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-32031. Microsoft Exchange Server Remote Code Execution Vulnerability
FIRST-EPSS: 0.143360000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2018-0982
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2018-0982. An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.001400000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2018-0982
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2018-0982. An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
FIRST-EPSS: 0.001400000
NVD-IS: 5.9
NVD-ES: 1.0