Exploits 08/23/2019

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. Remediation comes in multiple forms and levels, which influence risk differently.

Exploitability »

Researchers and attackers who look for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

Lang »

The automation of the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of the programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temporal (temp) scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price for an exploit, before it was distributed or became public. Calculated prices are aligned with prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts such as the disclosure of vulnerability details, alternative exploits and the availability of countermeasures. These dynamic aspects might decrease exploit prices over time. Under certain circumstances this happens very fast.

| Published | 0day | Today | Tr | Vulnerability | Exp | Lang | URL | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 08/23/2019 | $5k-$25k | $5k-$25k | | Apache Tapestry HMAC Verification Deserialization privilege escalation | Not Defined | | | 0.00 | CVE-2019-10071 |
| 08/23/2019 | $0-$5k | $0-$5k | | JIRA ServiceExecutor cross site request forgery | Not Defined | | | 0.00 | CVE-2019-8447 |
| 08/23/2019 | $0-$5k | $0-$5k | | JIRA issueTable Username information disclosure | Not Defined | | | 0.00 | CVE-2019-8446 |
| 08/23/2019 | $0-$5k | $0-$5k | | JIRA Worklog information disclosure | Not Defined | | | 0.00 | CVE-2019-8445 |
| 08/23/2019 | $0-$5k | $0-$5k | | JIRA wikirenderer cross site scripting | Not Defined | | | 0.00 | CVE-2019-8444 |
| 08/23/2019 | $0-$5k | $0-$5k | | Autodesk Autodesk Advanced Steel DLL Loader Remote Code Execution | Not Defined | | | 0.00 | CVE-2019-7364 |
| 08/23/2019 | $0-$5k | $0-$5k | | Autodesk Design Review Use-After-Free memory corruption | Not Defined | | | 0.00 | CVE-2019-7363 |
| 08/23/2019 | $0-$5k | $0-$5k | | Autodesk Design Review DLL Loader Remote Code Execution | Not Defined | | | 0.00 | CVE-2019-7362 |
| 08/23/2019 | $0-$5k | $0-$5k | | Fortinet FortiRecorder Default Credentials weak authentication | Not Defined | | | 0.00 | CVE-2019-6698 |
| 08/23/2019 | $0-$5k | $0-$5k | | Fortinet FortiManager VM Integrity Check privilege escalation | Not Defined | | | 0.00 | CVE-2019-6695 |
| 08/23/2019 | $0-$5k | $0-$5k | | Fortinet FortiNAC Web Page Generator Reflected cross site scripting | Not Defined | | | 0.00 | CVE-2019-5594 |
| 08/23/2019 | $0-$5k | $0-$5k | | Fortinet FortiOS IPS Engine POODLE weak encryption | Not Defined | | | 0.00 | CVE-2019-5592 |
| 08/23/2019 | $0-$5k | $0-$5k | | Palo Alto Networks Twistlock privilege escalation | Not Defined | | | 0.00 | CVE-2019-1583 |
| 08/23/2019 | $0-$5k | $0-$5k | | Palo Alto PAN-OS Session memory corruption | Not Defined | | | 0.00 | CVE-2019-1582 |
| 08/23/2019 | $0-$5k | $0-$5k | | Palo Alto PAN-OS memory corruption | Not Defined | | | 0.06 | CVE-2019-1581 |
| 08/23/2019 | $0-$5k | $0-$5k | | Palo Alto PAN-OS Secure Shell Daemon memory corruption | Not Defined | | | 0.06 | CVE-2019-1580 |
| 08/23/2019 | $0-$5k | $0-$5k | | proxystatistics Module DatabaseCommand.php sql injection | Not Defined | | | 0.00 | CVE-2019-15537 |
| 08/23/2019 | $0-$5k | $0-$5k | | Acclaim Block Plugin delete_records sql injection | Not Defined | | | 0.00 | CVE-2019-15536 |
| 08/23/2019 | $0-$5k | $0-$5k | | Tasking Manager sql injection | Not Defined | | | 0.00 | CVE-2019-15535 |
| 08/23/2019 | $0-$5k | $0-$5k | | GNU Libextractor dvi_extractor.c EXTRACTOR_dvi_extract_method Heap-based memory corruption | Not Defined | | | 0.00 | CVE-2019-15531 |
| 08/23/2019 | $5k-$25k | $5k-$25k | | D-Link DIR-823G HNAP1 command injection | Not Defined | | | 0.00 | CVE-2019-15530 |
| 08/23/2019 | $5k-$25k | $5k-$25k | | D-Link DIR-823G HNAP1 command injection | Not Defined | | | 0.00 | CVE-2019-15529 |
| 08/23/2019 | $5k-$25k | $5k-$25k | | D-Link DIR-823G HNAP1 SetStaticRouteSettings command injection | Not Defined | | | 0.00 | CVE-2019-15528 |
| 08/23/2019 | $5k-$25k | $5k-$25k | | D-Link DIR-823G HNAP1 SetWanSettings command injection | Not Defined | | | 0.00 | CVE-2019-15527 |
| 08/23/2019 | $5k-$25k | $5k-$25k | | D-Link DIR-823G HNAP1 command injection | Not Defined | | | 0.00 | CVE-2019-15526 |
| 08/23/2019 | $0-$5k | $0-$5k | | pw3270 Terminal Emulator SSL Certificate Validator weak authentication | Not Defined | | | 0.00 | CVE-2019-15525 |
| 08/23/2019 | $0-$5k | $0-$5k | | comelz Quark directory traversal | Not Defined | | | 0.11 | CVE-2019-15520 |
| 08/23/2019 | $0-$5k | $0-$5k | | Power-Response Plugin directory traversal | Not Defined | | | 0.00 | CVE-2019-15519 |
| 08/23/2019 | $0-$5k | $0-$5k | | Swoole swPort_http_static_handler directory traversal | Not Defined | | | 0.00 | CVE-2019-15518 |
| 08/23/2019 | $0-$5k | $0-$5k | | jc21 Nginx Proxy Manager directory traversal | Not Defined | | | 0.00 | CVE-2019-15517 |
| 08/23/2019 | $0-$5k | $0-$5k | | Cuberite WebAdmin directory traversal | Not Defined | | | 0.00 | CVE-2019-15516 |
| 08/23/2019 | $0-$5k | $0-$5k | | Telegram App Privacy information disclosure | Not Defined | | | 0.00 | CVE-2019-15514 |
| 08/23/2019 | $0-$5k | $0-$5k | | openITCOCKPIT Server-Side Request Forgery | Not Defined | | | 0.00 | CVE-2019-15494 |
| 08/23/2019 | $0-$5k | $0-$5k | | openITCOCKPIT directory traversal | Not Defined | | | 0.00 | CVE-2019-15493 |
| 08/23/2019 | $0-$5k | $0-$5k | | openITCOCKPIT Reflected cross site scripting | Not Defined | | | 0.00 | CVE-2019-15492 |
| 08/23/2019 | $0-$5k | $0-$5k | | openITCOCKPIT cross site request forgery | Not Defined | | | 0.00 | CVE-2019-15491 |
| 08/23/2019 | $0-$5k | $0-$5k | | openITCOCKPIT Code Injection privilege escalation | Not Defined | | | 0.00 | CVE-2019-15490 |
| 08/23/2019 | $0-$5k | $0-$5k | | Ignite Realtime Openfire LDAP Setup Test Reflected cross site scripting | Not Defined | | | 0.00 | CVE-2019-15488 |
| 08/23/2019 | $0-$5k | $0-$5k | | DfE School Experience Teacher Training cross site scripting | Not Defined | | | 0.00 | CVE-2019-15487 |
| 08/23/2019 | $0-$5k | $0-$5k | | django-js-reverse js_reverse_inline cross site scripting | Not Defined | | | 0.20 | CVE-2019-15486 |
