Exploits 01/16/2019

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. Countermeasures come in multiple forms and levels of remediation, which influence risk differently.

Exploitability »

Researchers and attackers who look for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

Lang »

The automated exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of the programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temporal (temp) scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price for an exploit, before it is distributed or becomes public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts such as disclosure of vulnerability details, alternative exploits, and availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

| Published | 0day | Today | Tr | Vulnerability | Exp | Lang | URL | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 01/16/2019 | $0-$5k | $0-$5k | | Cairo cairo-arc.c _arc_error_normalized Loop denial of service | Not Defined | | | 0.00 | CVE-2019-6462 |
| 01/16/2019 | $0-$5k | $0-$5k | | Cairo cairo-arc.c _cairo_arc_in_direction Assertion privilege escalation | Not Defined | | | 0.00 | CVE-2019-6461 |
| 01/16/2019 | $0-$5k | $0-$5k | | GNU Recutils rec-field.c rec_field_set_name() NULL Pointer Dereference denial of service | Not Defined | | | 0.00 | CVE-2019-6460 |
| 01/16/2019 | $0-$5k | $0-$5k | | GNU Recutils rec-utils.c rec_extract_type Memory Leak denial of service | Not Defined | | | 0.00 | CVE-2019-6459 |
| 01/16/2019 | $0-$5k | $0-$5k | | GNU Recutils rec-buf.c rec_buf_new Memory Leak denial of service | Not Defined | | | 0.00 | CVE-2019-6458 |
| 01/16/2019 | $0-$5k | $0-$5k | | GNU Recutils rec-aggregate.c rec_aggregate_reg_new Memory Leak denial of service | Not Defined | | | 0.00 | CVE-2019-6457 |
| 01/16/2019 | $0-$5k | $0-$5k | | GNU Recutils rec-fex.c rec_fex_size() NULL Pointer Dereference denial of service | Not Defined | | | 0.00 | CVE-2019-6456 |
| 01/16/2019 | $0-$5k | $0-$5k | | GNU Recutils rec-mset.c rec_mset_elem_destroy() Double-Free memory corruption | Not Defined | | | 0.00 | CVE-2019-6455 |
| 01/16/2019 | $0-$5k | $0-$5k | | ES File Explorer File Manager Service Port 59777 privilege escalation | Not Defined | | | 0.00 | CVE-2019-6447 |
| 01/16/2019 | $5k-$25k | $0-$5k | | Joomla CMS mod_banners Stored cross site scripting | Not Defined | | | 0.00 | CVE-2019-6264 |
| 01/16/2019 | $0-$5k | $0-$5k | | Joomla CMS Global Configuration Stored cross site scripting | Proof-of-Concept | | Link | 0.00 | CVE-2019-6263 |
| 01/16/2019 | $0-$5k | $0-$5k | | Joomla CMS Global Configuration Stored cross site scripting | Not Defined | | | 0.00 | CVE-2019-6262 |
| 01/16/2019 | $5k-$25k | $0-$5k | | Joomla CMS com_contact Stored cross site scripting | Not Defined | | | 0.00 | CVE-2019-6261 |
| 01/16/2019 | $5k-$25k | $0-$5k | | ISC BIND DDNS privilege escalation | Not Defined | | | 0.00 | CVE-2018-5741 |
| 01/16/2019 | $0-$5k | $0-$5k | | Kea Extension Memory Leak denial of service | Not Defined | | | 0.00 | CVE-2018-5739 |
| 01/16/2019 | $5k-$25k | $5k-$25k | | ISC BIND badcache.c Assertion privilege escalation | Not Defined | | | 0.00 | CVE-2018-5734 |
| 01/16/2019 | $0-$5k | $0-$5k | | ISC DHCP Reference Counter Crash denial of service | Not Defined | | | 0.00 | CVE-2018-5733 |
| 01/16/2019 | $0-$5k | $0-$5k | | Cacti host.php cross site scripting | Not Defined | | | 0.00 | CVE-2018-20726 |
| 01/16/2019 | $0-$5k | $0-$5k | | Cacti Graph Vertical Label graph_templates.php cross site scripting | Not Defined | | | 0.00 | CVE-2018-20725 |
| 01/16/2019 | $0-$5k | $0-$5k | | Cacti pollers.php cross site scripting | Not Defined | | | 0.00 | CVE-2018-20724 |
| 01/16/2019 | $0-$5k | $0-$5k | | Cacti color_templates.php cross site scripting | Not Defined | | | 0.00 | CVE-2018-20723 |
| 01/16/2019 | $0-$5k | $0-$5k | | uriparser UriParse.c URI_FUNC() Out-of-Bounds memory corruption | Not Defined | | | 0.00 | CVE-2018-20721 |
| 01/16/2019 | $0-$5k | $0-$5k | | TIBCO Spotfire Server Spotfire Authentication privilege escalation | Not Defined | | | 0.00 | CVE-2018-18814 |
| 01/16/2019 | $0-$5k | $0-$5k | | TIBCO Spotfire Server Web Server Persistent cross site scripting | Not Defined | | | 0.00 | CVE-2018-18813 |
| 01/16/2019 | $0-$5k | $0-$5k | | TIBCO Spotfire Server Spotfire Library privilege escalation | Not Defined | | | 0.00 | CVE-2018-18812 |
| 01/16/2019 | $5k-$25k | $0-$5k | | Dell EMC RSA Authentication Manager Quick Setup directory traversal | Not Defined | | | 0.00 | CVE-2018-15782 |
| 01/16/2019 | $5k-$25k | $0-$5k | | ISC BIND Cleanup Assertion denial of service | Not Defined | | | 0.00 | CVE-2017-3145 |
| 01/16/2019 | $5k-$25k | $0-$5k | | ISC BIND Installer privilege escalation | Proof-of-Concept | | Link | 0.00 | CVE-2017-3141 |
| 01/16/2019 | $5k-$25k | $0-$5k | | ISC BIND Response Policy Zone Loop denial of service | Not Defined | | | 0.00 | CVE-2017-3140 |
| 01/16/2019 | $5k-$25k | $0-$5k | | ISC BIND nxdomain-redirect Assertion denial of service | Not Defined | | | 0.00 | CVE-2016-9778 |
| 01/16/2019 | $0-$5k | $0-$5k | | MailEnable XML Document request.aspx XML External Entity | Not Defined | | | 0.00 | CVE-2015-9280 |
| 01/16/2019 | $0-$5k | $0-$5k | | MailEnable Email Body Stored cross site scripting | Not Defined | | | 0.00 | CVE-2015-9279 |
| 01/16/2019 | $0-$5k | $0-$5k | | MailEnable Password Change privilege escalation | Not Defined | | | 0.00 | CVE-2015-9278 |
| 01/16/2019 | $0-$5k | $0-$5k | | MailEnable Message directory traversal | Not Defined | | | 0.00 | CVE-2015-9277 |
| 01/16/2019 | $0-$5k | $0-$5k | | SmarterTools SmarterMail Password Reset Page Stored cross site scripting | Not Defined | | | 0.00 | CVE-2015-9276 |
| 01/16/2019 | $0-$5k | $0-$5k | | Numpy Pickle Python Module privilege escalation | Not Defined | | | 0.00 | CVE-2019-6446 |
| 01/16/2019 | $0-$5k | $0-$5k | | NTPsec ntpd ntp_control.c NULL Pointer Dereference denial of service | Proof-of-Concept | | Link | 0.00 | CVE-2019-6445 |
| 01/16/2019 | $0-$5k | $0-$5k | | NTPsec ntp_control.c process_control() Stack-based memory corruption | Proof-of-Concept | | Link | 0.00 | CVE-2019-6444 |
| 01/16/2019 | $0-$5k | $0-$5k | | NTPsec ntp_control.c read_sysvars Stack-based memory corruption | Proof-of-Concept | | Link | 0.00 | CVE-2019-6443 |
| 01/16/2019 | $0-$5k | $0-$5k | | NTPsec ntpd ntp_config.c Out-of-Bounds memory corruption | Proof-of-Concept | | Link | 0.00 | CVE-2019-6442 |
