Exploits 07/03/2019info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
07/03/2019$25k-$100k$0-$5kFreeBSD CD-ROM Driver Kernel Memory access controlNot Defined
 
 
0.00CVE-2019-5602
07/03/2019$5k-$25k$0-$5kFreeBSD iconv memory corruptionNot Defined
 
 
0.00CVE-2019-5600
07/03/2019$5k-$25k$0-$5kFreeBSD FFS information disclosureNot Defined
 
 
0.00CVE-2019-5601
07/03/2019$5k-$25k$5k-$25kF5 BIG-IP SNMP information disclosureNot Defined
 
 
0.00CVE-2019-6640
07/03/2019$5k-$25k$5k-$25kQEMU ACL qemu-bridge-helper.c 7pk securityNot Defined
 
 
0.00CVE-2019-13164
07/03/2019$5k-$25k$5k-$25kF5 BIG-IP Appliance Mode access controlNot Defined
 
 
0.07CVE-2019-6635
07/03/2019$5k-$25k$0-$5kF5 BIG-IP AFM/BIG-IP Analytics/BIG-IP ASM Traffic Management User Interface Reflected cross site scriptingNot Defined
 
 
0.00CVE-2019-6626
07/03/2019$5k-$25k$0-$5kF5 BIG-IP AFM/BIG-IP ASM AFM Feed List Stored cross site scriptingNot Defined
 
 
0.00CVE-2019-6636
07/03/2019$5k-$25k$0-$5kMcAfee ePolicy Orchestrator Agent Sniffing information disclosureNot Defined
 
 
0.00CVE-2019-3619
07/03/2019$5k-$25k$0-$5kF5 BIG-IP Traffic Management User Interface Reflected cross site scriptingNot Defined
 
 
0.00CVE-2019-6625
07/03/2019$5k-$25k$5k-$25kF5 BIG-IP PEM TMM input validationNot Defined
 
 
0.00CVE-2019-6628
07/03/2019$5k-$25k$5k-$25kF5 BIG-IP TMM input validationNot Defined
 
 
0.00CVE-2019-6629
07/03/2019$5k-$25k$5k-$25kF5 BIG-IP iRules input validationNot Defined
 
 
0.09CVE-2019-6631
07/03/2019$0-$5k$0-$5kF5 BIG-IP Appliance Mode access controlNot Defined
 
 
0.00CVE-2019-6633
07/03/2019$0-$5k$5k-$25kF5 BIG-IP Analytics Report input validationNot Defined
 
 
0.00CVE-2019-6634
07/03/2019$0-$5k$5k-$25kF5 BIG-IP iControl REST input validationNot Defined
 
 
0.00CVE-2019-6641
07/03/2019$0-$5k$0-$5kF5 BIG-IP ASM REST Endpoint resource consumptionNot Defined
 
 
0.00CVE-2019-6637
07/03/2019$0-$5k$0-$5kF5 BIG-IP iControl REST Endpoint resource consumptionNot Defined
 
 
0.00CVE-2019-6638
07/03/2019$0-$5k$0-$5kF5 BIG-IP vCMP Configuration cryptographic issuesNot Defined
 
 
0.00CVE-2019-6632
07/03/2019$0-$5k$0-$5kJetBrains Spring Boot Configuration input validationNot Defined
 
 
0.04CVE-2019-9186
07/03/2019$0-$5k$0-$5kF5 BIG-IP AFM/BIG-IP PEM Subscriber Management Stored cross site scriptingNot Defined
 
 
0.00CVE-2019-6639
07/03/2019$0-$5k$0-$5kMoxa OnCell G3100-HSPA Web Interface memory corruptionNot Defined
 
 
0.00CVE-2018-11423
07/03/2019$0-$5k$0-$5kMoxa OnCell G3470A-LTE memory corruptionNot Defined
 
 
0.00CVE-2018-11425
07/03/2019$0-$5k$0-$5kNlnet Labs nsd nsd-checkzone dname.c dname_concatenate memory corruptionNot Defined
 
 
0.00CVE-2019-13207
07/03/2019$0-$5k$0-$5kDOSBox memory corruptionNot Defined
 
 
0.07CVE-2019-7165
07/03/2019$0-$5k$0-$5kAmcrest IPM-721S HTTP API memory corruptionNot Defined
 
 
0.00CVE-2017-13719
07/03/2019$0-$5k$0-$5kMoxa OnCell G3100-HSPA Web Interface resource consumptionNot Defined
 
 
0.00CVE-2018-11420
07/03/2019$0-$5k$0-$5kMoxa OnCell G3470A-LTE Web Interface null pointer dereferenceNot Defined
 
 
0.00CVE-2018-11424
07/03/2019$0-$5k$0-$5kSDL2_image Error memory corruptionNot Defined
 
 
0.00CVE-2019-5051
07/03/2019$0-$5k$0-$5kSDL2_image integer overflowNot Defined
 
 
0.09CVE-2019-5052
07/03/2019$0-$5k$0-$5kJetBrains YouTrack Plugin Query sql injectionNot Defined
 
 
0.00CVE-2019-12850
07/03/2019$0-$5k$0-$5kCloudera Search Sample Configuration solrconfig.xml improper authorizationNot Defined
 
 
0.00CVE-2017-9325
07/03/2019$0-$5k$0-$5kJetBrains TeamCity Zip Extraction input validationNot Defined
 
 
0.00CVE-2019-12841
07/03/2019$0-$5k$0-$5kCloudera Data Science Workbench configNot Defined
 
 
0.00CVE-2018-11215
07/03/2019$0-$5k$0-$5kHawt Hawtio server-side request forgeryNot Defined
 
 
0.09CVE-2019-9827
07/03/2019$0-$5k$0-$5kCodeIgniter Rest Server XML Data xml external entity referenceNot Defined
 
 
0.05CVE-2015-3907
07/03/2019$0-$5k$0-$5kJetBrains YouTrack Plugin Template injectionNot Defined
 
 
0.00CVE-2019-10100
07/03/2019$0-$5k$0-$5kJetBrains IntelliJ IDEA Ultimate Application Server access controlNot Defined
 
 
0.00CVE-2019-10104
07/03/2019$0-$5k$0-$5kJetBrains YouTrack Server server-side request forgeryNot Defined
 
 
0.08CVE-2019-12852
07/03/2019$0-$5k$0-$5kJetBrains YouTrack Authorization improper authorizationNot Defined
 
 
0.06CVE-2019-12866

Interested in the pricing of exploits?

See the underground prices here!