Exploits 08/05/2019info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCVE
08/05/2019$0-$5k$0-$5kNetApp Data Ontap 7-Mode weak encryptionNot Defined
 
 
CVE-2019-5502
08/05/2019$0-$5k$0-$5kFirefly III Liability Name Field Stored cross site scriptingNot Defined
 
 
CVE-2019-14672
08/05/2019$0-$5k$0-$5kFirefly III Protocol Scheme File information disclosureNot Defined
 
 
CVE-2019-14671
08/05/2019$0-$5k$0-$5kFirefly III Bill Name Field Stored cross site scriptingNot Defined
 
 
CVE-2019-14670
08/05/2019$0-$5k$0-$5kFirefly III Asset Account Name Stored cross site scriptingNot Defined
 
 
CVE-2019-14669
08/05/2019$0-$5k$0-$5kFirefly III Transaction Description Stored cross site scriptingNot Defined
 
 
CVE-2019-14668
08/05/2019$0-$5k$0-$5kFirefly III Transaction Description Stored cross site scriptingNot Defined
 
 
CVE-2019-14667
08/05/2019$0-$5k$0-$5kBrandy Basic Source Code variables.c define_array memory corruptionNot Defined
 
 
CVE-2019-14665
08/05/2019$0-$5k$0-$5kEnigmail Protection Mechanism Plaintext weak encryptionNot Defined
 
 
CVE-2019-14664
08/05/2019$0-$5k$0-$5kEspoCRM Edit Dashboard Stored cross site scriptingNot Defined
 
 
CVE-2019-14550
08/05/2019$0-$5k$0-$5kEspoCRM Entity Stored cross site scriptingNot Defined
 
 
CVE-2019-14549
08/05/2019$0-$5k$0-$5kEspoCRM Article Body Stored cross site scriptingNot Defined
 
 
CVE-2019-14548
08/05/2019$0-$5k$0-$5kEspoCRM Attachment Stored cross site scriptingNot Defined
 
 
CVE-2019-14547
08/05/2019$0-$5k$0-$5kEspoCRM Preferences Page Stored cross site scriptingNot Defined
 
 
CVE-2019-14546
08/05/2019$0-$5k$0-$5keQ-3 Homematic Session privilege escalationNot Defined
 
 
CVE-2019-14475
08/05/2019$0-$5k$0-$5kWind River VxWorks ipdhcpc DHCP Client privilege escalationNot Defined
 
 
CVE-2019-12264
08/05/2019$0-$5k$0-$5kSitecore CMS cross site scriptingNot Defined
 
 
CVE-2019-11198
08/05/2019$0-$5k$0-$5kLAquis SCADA Out-of-Bounds information disclosureNot Defined
 
 
CVE-2019-10994
08/05/2019$0-$5k$0-$5kLAquis SCADA Type Confusion memory corruptionNot Defined
 
 
CVE-2019-10980
08/05/2019$5k-$25k$5k-$25kIBM SDK RPATH privilege escalationNot Defined
 
 
CVE-2019-4473
08/05/2019$0-$5k$0-$5kIBM Cloud Private OIDC Token Log information disclosureNot Defined
 
 
CVE-2019-4284
08/05/2019$5k-$25k$5k-$25kIBM WebSphere MQ Messages denial of serviceNot Defined
 
 
CVE-2019-4261
08/05/2019$0-$5k$0-$5kCF CLI Config File information disclosureNot Defined
 
 
CVE-2019-3800
08/05/2019$0-$5k$0-$5kDell Client Commercial and Consumer Platform Secure Boot privilege escalationNot Defined
 
 
CVE-2019-3717
08/05/2019$0-$5k$0-$5kBrandy Basic Source Code fileio.c fileio_openin memory corruptionNot Defined
 
 
CVE-2019-14663
08/05/2019$0-$5k$0-$5kBrandy Basic Source Code fileio.c fileio_openout memory corruptionNot Defined
 
 
CVE-2019-14662
08/05/2019$0-$5k$0-$5kOctopus Deploy Configuration Page information disclosureNot Defined
 
 
CVE-2019-14525
08/05/2019$0-$5k$0-$5kEMCA Energy Logserver Logo File Upload logoupload directory traversalNot Defined
 
 
CVE-2019-14521
08/05/2019$0-$5k$0-$5kBearDev JoomSport Plugin sql injectionNot Defined
 
 
CVE-2019-14348
08/05/2019$0-$5k$0-$5kCloud Foundry UAA privilege escalationNot Defined
 
 
CVE-2019-11270
08/05/2019$0-$5k$0-$5kcPanel WHM API privilege escalationNot Defined
 
 
CVE-2017-18482
08/05/2019$0-$5k$0-$5kcPanel Account Suspension Stored cross site scriptingNot Defined
 
 
CVE-2017-18481
08/05/2019$0-$5k$0-$5kcPanel WHM API privilege escalationNot Defined
 
 
CVE-2017-18480
08/05/2019$0-$5k$0-$5kcPanel WHM SSL certificate Generation Email privilege escalationNot Defined
 
 
CVE-2017-18479
08/05/2019$0-$5k$0-$5kcPanel XML-API ACL privilege escalationNot Defined
 
 
CVE-2017-18478
08/05/2019$0-$5k$0-$5kcPanel Exim privilege escalationNot Defined
 
 
CVE-2017-18477
08/05/2019$0-$5k$0-$5kcPanel Leech Protect privilege escalationNot Defined
 
 
CVE-2017-18476
08/05/2019$0-$5k$0-$5kcPanel Exim privilege escalationNot Defined
 
 
CVE-2017-18475
08/05/2019$0-$5k$0-$5kcPanel Exim directory traversalNot Defined
 
 
CVE-2017-18474
08/05/2019$0-$5k$0-$5kcPanel WebMail cross site scriptingNot Defined
 
 
CVE-2017-18473

Do you need the next level of professionalism?

Upgrade your account now!