Archive 11/05/2020

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by product helps to get an overview. This makes it possible to identify a homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be divided into multiple forms and levels of remediation, which influence risks differently.

Exploitability »

Researchers and attackers who look for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price of an exploit, before it is distributed or becomes public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts such as disclosure of vulnerability details, alternative exploits, and availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

| ID | Base | Temp | Vulnerability | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 165899 | 4.4 | 4.2 | Apple macOS Kernel information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-9974 |
| 165835 | 4.4 | 4.2 | Apple macOS Kernel initialization | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-27950 |
| 165834 | 7.0 | 6.7 | Apple macOS FontParser out-of-bounds write | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.06 | CVE-2020-27927 |
| 165831 | 7.0 | 6.7 | Apple macOS Audio out-of-bounds write | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2020-27916 |
| 165828 | 7.0 | 6.7 | Apple macOS Audio out-of-bounds read | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27910 |
| 165764 | 7.0 | 6.7 | Apple macOS CoreAudio out-of-bounds write | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2020-10017 |
| 165763 | 7.8 | 7.5 | Apple macOS Kernel memory corruption | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-10016 |
| 165758 | 7.0 | 6.7 | Apple macOS Model I/O out-of-bounds read | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-10011 |
| 165757 | 6.5 | 6.3 | Apple macOS Logging path traversal | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-10010 |
| 165756 | 6.8 | 6.6 | Apple macOS Crash Reporter symlink | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-10003 |
| 165755 | 4.4 | 4.2 | Apple macOS Foundation behavioral workflow | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-10002 |
| 165751 | 7.0 | 6.7 | Apple macOS Model I/O behavioral workflow | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-10004 |
| 164428 | 6.3 | 6.0 | Apple watchOS WebKit use after free | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-27918 |
| 164427 | 5.3 | 5.1 | Apple watchOS Logging path traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-10010 |
| 164426 | 6.3 | 6.0 | Apple watchOS libxml2 integer overflow | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-27911 |
| 164425 | 6.3 | 6.0 | Apple watchOS libxml2 use after free | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27917 |
| 164424 | 7.8 | 7.5 | Apple watchOS Kernel type confusion | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2020-27932 |
| 164423 | 7.8 | 7.5 | Apple watchOS Kernel memory corruption | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-10016 |
| 164422 | 3.3 | 3.2 | Apple watchOS Kernel state issue | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-9974 |
| 164421 | 3.3 | 3.2 | Apple watchOS Kernel initialization | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27950 |
| 164420 | 7.8 | 7.5 | Apple watchOS IOAcceleratorFamily memory corruption | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2020-27905 |
| 164419 | 6.3 | 6.0 | Apple watchOS ImageIO out-of-bounds write | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-27912 |
| 164418 | 3.3 | 3.2 | Apple watchOS Foundation state issue | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-10002 |
| 164417 | 6.3 | 6.0 | Apple watchOS FontParser out-of-bounds write | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27927 |
| 164416 | 6.3 | 6.0 | Apple watchOS FontParser memory corruption | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27930 |
| 164415 | 5.9 | 5.7 | Apple watchOS Crash Reporter symlink | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-10003 |
| 164414 | 6.3 | 6.0 | Apple watchOS CoreAudio out-of-bounds read | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-27909 |
| 164413 | 6.3 | 6.0 | Apple watchOS CoreAudio out-of-bounds write | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-10017 |
| 164412 | 6.3 | 6.0 | Apple watchOS Audio out-of-bounds write | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2020-27916 |
| 164411 | 6.3 | 6.0 | Apple watchOS Audio out-of-bounds read | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-27910 |
| 164410 | 3.3 | 3.2 | Apple macOS Kernel initialization | $0-$5k | $0-$5k | High | Official Fix | 0.06 | CVE-2020-27950 |
| 164409 | 7.8 | 7.5 | Apple macOS Kernel type confusion | $5k-$25k | $0-$5k | High | Official Fix | 0.05 | CVE-2020-27932 |
| 164408 | 6.3 | 6.0 | Apple macOS FontParser memory corruption | $5k-$25k | $5k-$25k | High | Official Fix | 0.13 | CVE-2020-27930 |
| 164407 | 6.3 | 6.0 | Apple tvOS WebKit use after free | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27918 |
| 164406 | 5.3 | 5.1 | Apple tvOS Logging path traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2020-10010 |
| 164405 | 6.3 | 6.0 | Apple tvOS libxml2 integer overflow | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27911 |
| 164404 | 6.3 | 6.0 | Apple tvOS libxml2 use after free | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2020-27917 |
| 164403 | 7.8 | 7.5 | Apple tvOS Kernel memory corruption | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-10016 |
| 164402 | 3.3 | 3.2 | Apple tvOS Kernel information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-9974 |
| 164401 | 7.8 | 7.5 | Apple tvOS IOAcceleratorFamily memory corruption | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-27905 |
