Archive 05/11/2021

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. Illustrating the assignment of these categories helps to determine the most affected software types.

Product »

Grouping vulnerabilities by product helps to get an overview. This makes it possible to identify a homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These countermeasures can be distinguished by their form and level of remediation, which influence risks differently.

Exploitability »

Researchers and attackers who are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price of an exploit, before it is distributed or becomes public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts such as disclosure of vulnerability details, alternative exploits, and availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

| ID | Base | Temp | Vulnerability | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 174874 | 5.4 | 4.7 | Microsoft Windows Wireless Networking unknown vulnerability | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2020-24588 |
| 174873 | 5.4 | 4.7 | Microsoft Windows Wireless Networking information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.07 | CVE-2020-24587 |
| 174872 | 6.9 | 6.0 | Microsoft Visual Studio Remote Code Execution | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.03 | CVE-2021-27068 |
| 174871 | 5.4 | 4.7 | Microsoft Windows Wireless Networking unknown vulnerability | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.02 | CVE-2020-26144 |
| 174870 | 8.8 | 7.7 | Microsoft Windows Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.00 | CVE-2021-28455 |
| 174869 | 4.7 | 4.3 | Microsoft Dynamics 365 for Finance and Operations unknown vulnerability | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | CVE-2021-28461 |
| 174868 | 4.9 | 4.3 | Microsoft Windows CSC Service information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-28479 |
| 174867 | 6.3 | 5.7 | Microsoft Internet Explorer Scripting Engine memory corruption | $25k-$100k | $5k-$25k | Proof-of-Concept | Official Fix | 0.05 | CVE-2021-26419 |
| 174866 | 8.3 | 7.3 | Microsoft Windows Container Manager Service Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.00 | CVE-2021-31165 |
| 174865 | 9.8 | 8.5 | Microsoft Windows HTTP Protocol Stack Remote Code Execution | $100k and more | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | CVE-2021-31166 |
| 174864 | 8.3 | 7.3 | Microsoft Windows Container Manager Service Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.05 | CVE-2021-31167 |
| 174863 | 8.3 | 7.3 | Microsoft Windows Container Manager Service Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.03 | CVE-2021-31168 |
| 174862 | 8.3 | 7.3 | Microsoft Windows Container Manager Service Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.03 | CVE-2021-31169 |
| 174861 | 8.3 | 7.3 | Microsoft Windows Graphics Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.03 | CVE-2021-31170 |
| 174860 | 3.1 | 2.8 | Microsoft SharePoint Server information disclosure | $0-$5k | $0-$5k | Unproven | Official Fix | 0.02 | CVE-2021-31171 |
| 174859 | 6.2 | 5.4 | Microsoft SharePoint Server unknown vulnerability | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | CVE-2021-31172 |
| 174858 | 4.2 | 3.8 | Microsoft SharePoint Server information disclosure | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2021-31173 |
| 174857 | 4.9 | 4.3 | Microsoft Office/Excel information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.04 | CVE-2021-31174 |
| 174856 | 7.0 | 6.1 | Microsoft Office/Excel Remote Code Execution | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-31175 |
| 174855 | 7.0 | 6.1 | Microsoft Office Remote Code Execution | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-31176 |
| 174854 | 7.0 | 6.1 | Microsoft Office/Excel Remote Code Execution | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-31177 |
| 174853 | 4.9 | 4.3 | Microsoft Office/Excel information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | CVE-2021-31178 |
| 174852 | 7.0 | 6.1 | Microsoft Office/Excel Remote Code Execution | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.04 | CVE-2021-31179 |
| 174851 | 7.0 | 6.1 | Microsoft Office/Word Graphics Remote Code Execution | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-31180 |
| 174850 | 8.8 | 7.7 | Microsoft SharePoint Server Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-31181 |
| 174849 | 6.2 | 5.4 | Microsoft Windows Bluetooth Driver unknown vulnerability | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | CVE-2021-31182 |
| 174848 | 4.9 | 4.3 | Microsoft Windows Infrared Data Association information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2021-31184 |
| 174847 | 6.0 | 5.3 | Microsoft Windows Desktop Bridge denial of service | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | CVE-2021-31185 |
| 174846 | 6.0 | 5.2 | Microsoft Windows RDP information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-31186 |
| 174845 | 8.3 | 7.3 | Microsoft Windows WalletService Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.04 | CVE-2021-31187 |
| 174844 | 8.3 | 7.3 | Microsoft Windows Graphics Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.04 | CVE-2021-31188 |
| 174843 | 8.3 | 7.3 | Microsoft Windows Container Isolation FS Filter Driver Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.05 | CVE-2021-31190 |
| 174842 | 4.9 | 4.3 | Microsoft Windows Projected File System FS Filter Driver information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-31191 |
| 174841 | 6.8 | 5.9 | Microsoft Windows Media Foundation Core Remote Code Execution | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.06 | CVE-2021-31192 |
| 174840 | 8.3 | 7.3 | Microsoft Windows Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.03 | CVE-2021-31193 |
| 174839 | 8.8 | 7.7 | Microsoft Windows OLE Automation Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.03 | CVE-2021-31194 |
| 174838 | 5.4 | 4.7 | Microsoft Exchange Server information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.03 | CVE-2021-31195 |
| 174837 | 8.3 | 7.3 | Microsoft Exchange Server Remote Code Execution | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2021-31198 |
| 174836 | 7.7 | 6.7 | Microsoft .NET/Visual Studio Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-31204 |
| 174835 | 4.3 | 3.8 | Microsoft Windows SMB Client Security Feature information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2021-31205 |
| 174834 | 6.6 | 5.8 | Microsoft Exchange Server Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-31207 |
| 174833 | 7.8 | 6.8 | Microsoft Windows Container Manager Service Local Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-31208 |
| 174832 | 6.0 | 5.3 | Microsoft Exchange Server Remote Code Execution | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2021-31209 |
| 174831 | 6.4 | 5.6 | Microsoft Visual Studio Code Remote Code Execution | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.03 | CVE-2021-31211 |
| 174830 | 6.4 | 5.6 | Microsoft Visual Studio Code Remote Containers Extension Remote Code Execution | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | CVE-2021-31213 |
| 174829 | 6.4 | 5.6 | Microsoft Visual Studio Code Remote Code Execution | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | CVE-2021-31214 |
| 174828 | 6.0 | 5.2 | Microsoft Lync Server/Skype for Business Server Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-26421 |
| 174827 | 7.2 | 6.3 | Microsoft Lync/Skype for Business Server Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2021-26422 |
| 174826 | 7.0 | 6.1 | Microsoft Web Media Extensions Remote Code Execution | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.03 | CVE-2021-28465 |
| 174825 | 8.8 | 7.7 | Microsoft SharePoint Server Privilege Escalation | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | CVE-2021-28474 |
