Archive 05/28/2021

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

IDBaseTempVulnerability0dayTodayExpRemCTICVE
1760573.53.4FreeBSD libradius denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-29629
1760565.55.3FreeBSD System Call Privilege Escalation$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-29628
1760553.53.5pki-core POST Request cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25715
1760543.53.4Keycloak cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2021-20195
1760536.36.0Kiali OpenID authentication spoofing$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2021-20278
1760525.55.3gdk-pixbuf GIF Image out-of-bounds write$0-$5k$0-$5kNot DefinedOfficial Fix0.14CVE-2021-20240
1760515.55.3ZeroMQ Topic Subscription stack-based overflow$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-20236
1760503.53.4QEMU am53c974 SCSI Host Bus Adapter Emulation denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2020-35505
1760493.53.4QEMU SCSI Emulation Support null pointer dereference$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-35504
1760486.36.0dex SAML Connector authentication spoofing$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-27847
1760474.64.4KeyCloak Account REST API unnecessary privileges$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-27826
1760466.36.0Naver Comic Viewer HTML Page Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-33591
1760454.34.1Spice Renegotiation resource consumption$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-20201
1760445.55.3QEMU am53c974 SCSI Host Bus Adapter Emulation CMD_TI denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-35506
1760435.95.6OpenLDAP Packet csnNormalize23 assertion$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-25710
1760425.35.1ZeroMQ PUB Message xpub.cpp resource consumption$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-20237
1760414.34.1Linux Kernel BPF information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix0.05CVE-2021-20239
1760407.26.9Linux Kernel Nouveau DRM Subsystem nouveau_sgdma.c nouveau_sgdma_create_ttm use after free$5k-$25k$5k-$25kNot DefinedOfficial Fix0.00CVE-2021-20292
1760393.53.5Baijia 101EIP System Announcement cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-32540
1760384.34.3Harvest Information CTS Web Trading System cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2021-32542
1760373.53.5Baijia 101EIP System cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-32539
1760366.36.3Harvest Information CTS Web Transaction System improper authentication$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2021-32543
1760355.35.1Harvest Information CTS Web Trading System user session$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-32541
1760345.55.3OpenShift Web Console security check for standard$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-1761
1760333.53.4RESTEasy RESTEASY003870 Exception cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-10688
1760325.35.1Spring Framework Multipart Request privileges management$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2021-22118
1760315.55.3Ansible Tower server-side request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-14328
1760305.55.3Ansible Tower server-side request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-14327
1760293.33.2please search_path information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2021-31153
1760285.55.3Citrix Workspace App access control$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-22907
1760276.35.7CubeCart Session Cookie session fixiation$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2021-33394
1760265.55.5Siemens Luxion KeyShot STP File Parser stack-based overflow$5k-$25k$5k-$25kNot DefinedNot Defined0.03CVE-2021-27494
1760255.55.5Siemens Luxion KeyShot Datakit Software Libraries out-of-bounds read$5k-$25k$0-$5kNot DefinedNot Defined0.03CVE-2021-27490
1760245.55.5Siemens Luxion KeyShot CATPart File Parser out-of-bounds write$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2021-27488
1760235.55.5SonicWall NSM On-Prem HTTP Request os command injection$0-$5k$0-$5kNot DefinedNot Defined0.09CVE-2021-20026
1760226.36.3FFmpeg vf_edgedetect.c gaussian_blur heap-based overflow$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2020-22025
1760213.53.4Kubevirt virt-handler permission assignment$0-$5k$0-$5kNot DefinedOfficial Fix0.08CVE-2020-1701
1760203.53.4Mozilla Network Security Services CHACHA20-POLY1305 out-of-bounds read$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2020-12403
1760193.53.4Ansible Engine Template Caching random values$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-10729
1760186.36.0Ansible Tower OAuth2 Authentication improper authentication$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2020-10709
1760175.55.3libvirt API authorization$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-10701
1760163.53.4Ansible Tower Openshift resource consumption$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2020-10697
1760155.55.3runc Configuration pathname traversal$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-30465
1760144.74.5Pulse Secure Pulse Connect Secure Administrator Web Interface unrestricted upload$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-22900
1760135.55.5Huawei Secospace USG9500 out-of-bounds write$5k-$25k$5k-$25kNot DefinedNot Defined0.04CVE-2021-22411
1760123.53.5Huawei Mate 30 denial of service$0-$5k$0-$5kNot DefinedNot Defined0.08CVE-2021-22364
1760115.55.5Huawei CloudEngine 12800 out-of-bounds write$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2021-22362
1760103.53.5Huawei S5700/S6700 Message denial of service$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2021-22359
1760095.55.5Huawei FusionCompute input validation$5k-$25k$5k-$25kNot DefinedNot Defined0.05CVE-2021-22358
1760084.34.1Ab Initio Control Center file inclusion$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-33408

Interested in the pricing of exploits?

See the underground prices here!