Archive 03/18/2020

IDBaseTempVulnerability0dayTodayExpRemCTICVE
1518428.58.2LogicalDOC File Upload unrestricted upload$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-9423
1518416.46.1BeyondTrust Privilege Management DefendpointService.exe input validation$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2020-9326
1518406.46.4Aquaforest TIFF Server input validation$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2020-9325
1518396.46.4Aquaforest TIFF Server UNC insufficiently protected credentials$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-9324
1518385.35.3Aquaforest TIFF Server tssp.aspx information disclosure$0-$5k$0-$5kNot DefinedNot Defined0.06CVE-2020-9323
1518374.13.9McAfee Network Security Management cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-7258
1518364.13.9McAfee Network Security Management cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-7256
1518355.45.4Delta Industrial Automation CNCSoft ScreenEditor out-of-bounds read$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2020-6976
1518344.34.3IBM Tivoli Netcool/OMNIbus cross-site request forgery$5k-$25k$0-$5kNot DefinedNot Defined0.06CVE-2020-4199
1518338.58.5PerlSpeak os command injection$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-10674
1518328.88.4FasterXML jackson-databind Gadget Serialized Remote Code Execution$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-10673
1518318.88.4FasterXML jackson-databind Gadget Serialized Remote Code Execution$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2020-10672
1518305.45.2Docker Desktop Diagnostic Data privileges management$0-$5k$0-$5kNot DefinedOfficial Fix0.09CVE-2020-10665
1518296.46.1LogicalDOC sql injection$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2020-10365
1518287.47.4Data Protection Central Certificate Remote Code Execution$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2019-3762
1518276.46.4Frappe Prepared Report prepared_report.py information disclosure$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-20529
1518265.25.2Ignite Realtime Openfire setup-datasource-standard.jsp cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-20528
1518255.25.2Open edX Ironwood.1 certificates Reflected cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2019-20512
1518245.95.9ERPNext injection$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2019-20511
1518224.34.3arxes-tolina User information disclosure$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-19677
1518218.38.3arxes-tolina injection$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-19676
1518205.75.7openshift ocp-release-operator-sdk passwd privileges assignment$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2019-19355
1518195.75.7openshift passwd privileges assignment$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-19351
1518183.33.3openshift openshift-install permission assignment$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-19335
1518176.56.5Adaware Antivirus Quarantine privileges management$5k-$25k$5k-$25kNot DefinedNot Defined0.04CVE-2019-18979
1518167.77.3Dell EMC Data Protection Advisor REST API code injection$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2019-18582
1518157.77.3Dell EMC Data Protection Advisor REST API authorization$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-18581
1518145.45.1newlib Debug reent.h) null pointer dereference$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-14871
1518135.95.6GraphicsMagick Text Filename information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-12921
1518126.56.2SolarWinds Serv-U Managed File Transfer Web Client cross-site request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2019-12769
1518115.25.2Spark App Event Attribute cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-12370
1518105.25.2TypeApp Event Attribute cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2019-12369
1518095.25.2Edison Mail App Event Attribute cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2019-12368
1518085.25.2BlueMail App Event Attribute cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2019-12367
1518075.25.2Nine App Event Attribute cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-12366
1518065.25.2Newton App Event Attribute cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2019-12365
1518058.58.2ONAP SDNC dgUpload os command injection$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2019-12132
1518048.28.2ONAP APPC/SDC authentication spoofing$0-$5k$0-$5kNot DefinedNot Defined0.08CVE-2019-12131
1518038.27.8ONAP APPC Jolokia Interface insufficiently protected credentials$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-12124
1518027.57.2ONAP SDNC printAsXml os command injection$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2019-12123

Interested in the pricing of exploits?

See the underground prices here!