Exploits 03/21/2019info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
03/21/2019$5k-$25k$5k-$25kApache Hadoop access controlNot Defined
 
 
0.07CVE-2018-11767
03/21/2019$5k-$25k$0-$5kOpera Web Browser DLL shcore.dll untrusted search pathNot Defined
 
 
0.00CVE-2018-18913
03/21/2019$5k-$25k$0-$5kBlackBerry AtHoc Management System xml external entity referenceNot Defined
 
 
0.00CVE-2019-8997
03/21/2019$5k-$25k$5k-$25kLinux Kernel i915_gem_execbuffer.c access_ok Kernel Memory input validationNot Defined
 
 
0.00CVE-2018-20669
03/21/2019$5k-$25k$0-$5kLinux Kernel USB Device hso.c hso_get_config_data out-of-bounds readNot Defined
 
 
0.00CVE-2018-19985
03/21/2019$5k-$25k$0-$5kMoodle server-side request forgeryNot Defined
 
 
0.00CVE-2019-6970
03/21/2019$5k-$25k$5k-$25kIBM DB2 Shared Libraries access controlNot Defined
 
 
0.00CVE-2019-4094
03/21/2019$5k-$25k$0-$5kApache Karaf kar Deployer path traversalNot Defined
 
 
0.07CVE-2019-0191
03/21/2019$5k-$25k$5k-$25kIBM WebSphere MQ Web UI cross site scriptingNot Defined
 
 
0.00CVE-2018-1836
03/21/2019$5k-$25k$0-$5kQEMU lsi53c895a.c msg_len out-of-bounds readNot Defined
 
 
0.00CVE-2018-18849
03/21/2019$5k-$25k$5k-$25kQEMU tcp_subr.c tcp_emu memory corruptionNot Defined
 
 
0.00CVE-2019-6778
03/21/2019$5k-$25k$5k-$25kLinux Kernel KVM use after freeNot Defined
 
 
0.00CVE-2019-7221
03/21/2019$5k-$25k$0-$5kQEMU scsi-generic.c scsi_handle_inquiry_reply out-of-bounds readNot Defined
 
 
0.00CVE-2019-6501
03/21/2019$5k-$25k$0-$5kIBM InfoSphere Streams inadequate encryptionNot Defined
 
 
0.00CVE-2017-1713
03/21/2019$5k-$25k$5k-$25kSiemens SICAM A8000 CP-8050 Web Server input validationNot Defined
 
 
0.07CVE-2018-13798
03/21/2019$5k-$25k$0-$5kSiemens EN100 Ethernet Module Security Vulnerability resource managementNot Defined
 
 
0.00CVE-2018-16563
03/21/2019$0-$5k$0-$5kIBM Power 9 OP910/Power 9 OP920/Power 9 FW910 memory corruptionNot Defined
 
 
0.00CVE-2018-1992
03/21/2019$0-$5k$0-$5kw8tcha oEmbed Plugin plugin.js data processingNot Defined
 
 
0.07CVE-2019-9870
03/21/2019$0-$5k$0-$5kSamsung Galaxy S6 bcmdhd4358 Wi-Fi Driver prot_get_ring_space Kernel Memory memory corruptionNot Defined
 
 
0.08CVE-2018-14745
03/21/2019$0-$5k$0-$5kWifi-soft UniBox controller Diagnostic Tools Controller diagnostic_tools_controller command injectionNot Defined
 
 
0.00CVE-2019-3496
03/21/2019$0-$5k$0-$5kWifi-soft UniBox Diagnostic Tools command injectionNot Defined
 
 
0.05CVE-2019-3497
03/21/2019$0-$5k$0-$5kFatek Automation PM Designer V3/Automation FV Designer Communication Server memory corruptionNot Defined
 
 
0.00CVE-2016-5800
03/21/2019$0-$5k$0-$5kDiGi TransPort LR54 CLI input validationNot Defined
 
 
0.00CVE-2018-20162
03/21/2019$0-$5k$0-$5kCUJO Smart Firewall mdnscap double freeNot Defined
 
 
0.00CVE-2018-3985
03/21/2019$0-$5k$0-$5kCUJO Smart Firewall mdnscap memory corruptionNot Defined
 
 
0.00CVE-2018-4003
03/21/2019$0-$5k$0-$5kLibssh2 _libssh2_packet_requirev out-of-bounds readNot Defined
 
 
0.00CVE-2019-3859
03/21/2019$0-$5k$0-$5kLibssh2 out-of-bounds readNot Defined
 
 
0.00CVE-2019-3862
03/21/2019$0-$5k$0-$5kPuTTY Host Key Verification key managementNot Defined
 
 
0.00CVE-2019-9894
03/21/2019$0-$5k$0-$5kPuTTY Server-to-Client Forwarding memory corruptionNot Defined
 
 
0.00CVE-2019-9895
03/21/2019$0-$5k$0-$5kLibssh2 SSH Server integer overflowNot Defined
 
 
0.07CVE-2019-3855
03/21/2019$0-$5k$0-$5kLibssh2 SSH Server out-of-bounds readNot Defined
 
 
0.08CVE-2019-3858
03/21/2019$0-$5k$0-$5kFoxit Reader use after freeNot Defined
 
 
0.00CVE-2019-6730
03/21/2019$0-$5k$0-$5kFoo Labs Xpdf TextOutputDev.c findGaps memory corruptionNot Defined
 
 
0.00CVE-2019-9877
03/21/2019$0-$5k$0-$5kFoo Labs Xpdf GfxState.cc mapColorToBase memory corruptionNot Defined
 
 
0.00CVE-2019-9878
03/21/2019$0-$5k$0-$5kFoxit Reader input validationNot Defined
 
 
0.00CVE-2019-6729
03/21/2019$0-$5k$0-$5kFoxit PhantomPDF input validationNot Defined
 
 
0.00CVE-2019-6731
03/21/2019$0-$5k$0-$5kArtifex Ghostscript zdevice2.c input validationNot Defined
 
 
0.00CVE-2019-6116
03/21/2019$0-$5k$0-$5kFoxit Reader XFA use after freeNot Defined
 
 
0.00CVE-2019-6727
03/21/2019$0-$5k$0-$5kMoxa SoftCMS memory corruptionNot Defined
 
 
0.00CVE-2015-6457
03/21/2019$0-$5k$0-$5kMoxa SoftCMS memory corruptionNot Defined
 
 
0.00CVE-2015-6458

Might our Artificial Intelligence support you?

Check our Alexa App!