Archive 10/29/2019

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

IDBaseTempVulnerability0dayTodayExpRemCVE
1507666.46.1Apple iCloud CoreCrypto denial of service$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8741
1507656.46.1Apple iCloud CoreCrypto denial of service$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8741
1507646.46.1Apple iTunes CoreCrypto denial of service$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8741
1507636.46.1Apple macOS CoreCrypto denial of service$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8741
1507626.46.1Apple watchOS CoreCrypto denial of service$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8741
1507616.46.1Apple iOS CoreCrypto denial of service$25k-$100k$5k-$25kNot DefinedOfficial FixCVE-2019-8741
1507376.46.1Apple tvOS CoreCrypto denial of service$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8741
1446223.53.4Apple macOS UIFoundation information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8761
1446218.38.0Apple macOS System Extensions memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8805
1446205.55.3Apple macOS PluginKit memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8715
1446193.33.2Apple macOS PluginKit information disclosure$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8708
1446187.87.5Apple macOS manpages privilege escalation$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8802
1446178.58.2Apple macOS libxslt memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8750
1446165.55.3Apple macOS libxml2 memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8756
1446155.55.3Apple macOS libxml2 memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8749
1446145.35.1Apple macOS Kernel memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8744
1446138.38.0Apple macOS Kernel memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8786
1446124.44.2Apple macOS Kernel Memory information disclosure$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8794
1446115.35.1Apple macOS iTunes privilege escalation$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8801
1446105.55.3Apple macOS IOGraphics denial of service$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8759
1446098.38.0Apple macOS Intel Graphics Driver memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8807
1446088.38.0Apple macOS Graphics Driver memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8784
1446077.57.2Apple macOS Graphics memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2018-1215
1446067.57.2Apple macOS Graphics memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2018-1215
1446057.57.2Apple macOS Graphics memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2018-1215
1446047.26.9Apple macOS File System Events memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8798
1446035.35.1Apple macOS File Quarantine privilege escalation$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8509
1446023.53.4Apple macOS CUPS denial of service$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8737
1446016.36.0Apple macOS CUPS Heap-based memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8767
1446003.53.4Apple macOS CUPS information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8736
1445995.35.1Apple macOS Contacts spoofing$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2017-7152
1445984.94.7Apple macOS Books information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8789
1445978.17.8Apple macOS Audio memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8797
1445968.17.8Apple macOS Audio memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8785
1445956.36.0Apple macOS Audio memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8706
1445946.46.1Apple macOS Associated Domains information disclosure$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8788
1445938.88.4Apple macOS AppleGraphicsControl memory corruption$5k-$25k$0-$5kNot DefinedOfficial FixCVE-2019-8716
1445924.44.2Apple macOS AppleGraphicsControl Memory information disclosure$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8817
1445916.86.5Apple macOS App Store weak authentication$0-$5k$0-$5kNot DefinedOfficial FixCVE-2019-8803
1445906.36.0Apple macOS Accounts Out-of-Bounds memory corruption$5k-$25k$5k-$25kNot DefinedOfficial FixCVE-2019-8787

Do you need the next level of professionalism?

Upgrade your account now!