Archive 09/06/2019

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

IDBaseTempVulnerability0dayTodayExpRemCVE
1417404.33.8Microsoft Windows NTFS Bruteforce information disclosure$25k-$100k$0-$5kProof-of-ConceptNot Defined
1413828.07.7LibreOffice LibreLogo privilege escalation$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-9855
1413818.07.7LibreOffice URL Encoding python directory traversal$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-9854
1413805.45.1Google Android VPN Routing information disclosure$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9461
1413796.15.9Google Android Video Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9458
1413785.35.1Google Android ELF File Loader Integer Overflow memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9457
1413777.87.4Google Android USB Monitor Driver memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9456
1413763.83.7Google Android Video Driver information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9455
1413757.87.4Google Android i2c Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9454
1413743.83.7Google Android F2FS Touch Driver Out-of-Bounds information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9453
1413733.83.7Google Android SEC_TS touch Driver Out-of-Bounds information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9452
1413727.87.4Google Android Touchscreen Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9451
1413717.67.3Google Android FingerTipS Touchscreen Driver race condition memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9450
1413703.83.7Google Android FingerTipS Touchscreen Driver Out-of-Bounds information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9449
1413697.37.0Google Android FingerTipS Touchscreen Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9448
1413687.37.0Google Android FingerTipS Touchscreen Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9447
1413677.37.0Google Android Touchscreen Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9446
1413663.83.7Google Android F2FS Driver Out-of-Bounds information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9445
1413653.83.7Google Android Sync Debug fs Driver information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9444
1413647.87.4Google Android vl53L0 Driver set_fs() memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9443
1413637.87.4Google Android mnh Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9442
1413627.87.4Google Anroid mnh Driver Out-of-Bounds memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9441
1413617.37.0Google Android Secure Boot privilege escalation$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9436
1413607.87.4Google Anroid Bluetooth Out-of-Bounds memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-9426
1413597.87.5Google Android sdcardfs privilege escalation$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9345
1413587.37.0Google Android HTC Touchscreen Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9276
1413577.87.5Google Android mnh Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9275
1413567.37.0Google Android mnh Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9274
1413557.87.4Google Android HTC Touchscreen Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9273
1413547.67.3Google Android mnh Driver Use-After-Free memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9271
1413536.56.3Google Android WiFi Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9270
1413527.87.4Google Android FingerTipS Touchscreen Driver Out-of-Bounds memory corruption$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-9248
1413514.34.1Google Android f2fs Driver Out-of-Bounds memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-9245
1413506.56.3Google Android Kernel MMU privilege escalation$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-2182
1413499.89.4Linux Kernel nbd.c nbd_genl_status denial of service$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-16089
1413485.45.4Xpdf XRef.cc fetch memory corruption$0-$5k$0-$5kNot DefinedNot DefinedCVE-2019-16088
1413477.57.2Airbrake Ruby Notifier Configuration Password information disclosure$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-16060
1413466.56.5Sentrifugo viewprofile cross site request forgery$0-$5k$0-$5kNot DefinedNot DefinedCVE-2019-16059
1413455.55.5OpenSC pam_p11 Component memory corruption$0-$5k$0-$5kNot DefinedNot DefinedCVE-2019-16058
1413447.47.4Python Email Module Bypass privilege escalation$0-$5k$0-$5kNot DefinedNot DefinedCVE-2019-16056

Might our Artificial Intelligence support you?

Check our Alexa App!