Exploits 09/05/2019info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCVE
09/05/2019$25k-$100k$5k-$25kGoogle Android zygote.java readArgumentList command injectionNot Defined
 
 
CVE-2019-9254
09/05/2019$0-$5k$0-$5keFront LMS Login Page sql injectionNot Defined
 
 
CVE-2019-5070
09/05/2019$0-$5k$0-$5keFront LMS Deserialization PHP Code Execution privilege escalationNot Defined
 
 
CVE-2019-5069
09/05/2019$0-$5k$0-$5kBlynk-Library Packet Parser information disclosureNot Defined
 
 
CVE-2019-5065
09/05/2019$5k-$25k$5k-$25kIBM Intelligent Operations Center Password Policy weak authenticationNot Defined
 
 
CVE-2019-4321
09/05/2019$5k-$25k$5k-$25kIBM Jazz for Service Management Cache Header Injection privilege escalationNot Defined
 
 
CVE-2019-4186
09/05/2019$5k-$25k$0-$5kIBM Business Automation Workflow Web UI cross site scriptingNot Defined
 
 
CVE-2019-4149
09/05/2019$25k-$100k$5k-$25kGoogle Android Kernel binder.c binder_transaction memory corruptionNot Defined
 
 
CVE-2019-2181
09/05/2019$25k-$100k$5k-$25kGoogle Android ipp.c ippSetValueTag memory corruptionNot Defined
 
 
CVE-2019-2180
09/05/2019$25k-$100k$5k-$25kGoogle Android NDEF_MsgValidate memory corruptionNot Defined
 
 
CVE-2019-2179
09/05/2019$25k-$100k$5k-$25kGoogle Android NFC Service rw_t4t_sm_read_ndef memory corruptionNot Defined
 
 
CVE-2019-2178
09/05/2019$25k-$100k$5k-$25kGoogle Android Permission HidProfile.java isPreferred memory corruptionNot Defined
 
 
CVE-2019-2177
09/05/2019$25k-$100k$5k-$25kGoogle Android ihevcd_parse_headers.c ihevcd_parse_buffering_period_sei memory corruptionNot Defined
 
 
CVE-2019-2176
09/05/2019$25k-$100k$5k-$25kGoogle Android Permission SliceManagerService.java checkAccess privilege escalationNot Defined
 
 
CVE-2019-2175
09/05/2019$25k-$100k$5k-$25kGoogle Android SensorManager.cpp assertStateLocked memory corruptionNot Defined
 
 
CVE-2019-2174
09/05/2019$5k-$25k$0-$5kGoogle Android Email Attachment ComposeActivityEmailExternal.java ComposeActivityEmailExternal information disclosureNot Defined
 
 
CVE-2019-2124
09/05/2019$25k-$100k$5k-$25kGoogle Android Binder.java execTransact memory corruptionNot Defined
 
 
CVE-2019-2123
09/05/2019$25k-$100k$5k-$25kGoogle Android gatekeeper.cpp MintAuthToken memory corruptionNot Defined
 
 
CVE-2019-2115
09/05/2019$25k-$100k$25k-$100kGoogle Android ihevcd_ref_list.c ihevcd_ref_list memory corruptionNot Defined
 
 
CVE-2019-2108
09/05/2019$0-$5k$0-$5kGoogle Assistant Permission information disclosureNot Defined
 
 
CVE-2019-2103
09/05/2019$0-$5k$0-$5kTotal.js CMS Cookie weak authenticationNot Defined
 
 
CVE-2019-15955
09/05/2019$0-$5k$0-$5kTotal.js CMS Widget privilege escalationNot Defined
 
 
CVE-2019-15954
09/05/2019$0-$5k$0-$5kTotal.js CMS API privilege escalationNot Defined
 
 
CVE-2019-15953
09/05/2019$0-$5k$0-$5kTotal.js CMS directory traversalNot Defined
 
 
CVE-2019-15952
09/05/2019$0-$5k$0-$5kNagios XI Web Interface privilege escalationNot Defined
 
 
CVE-2019-15949
09/05/2019$0-$5k$0-$5kBitcoin Core bitcoin-qt wallet.dat weak encryptionNot Defined
 
 
CVE-2019-15947
09/05/2019$0-$5k$0-$5kOpenSC asn1.c asn1_decode_entry memory corruptionNot Defined
 
 
CVE-2019-15946
09/05/2019$0-$5k$0-$5kOpenSC ASN.1 asn1.c decode_bit_string memory corruptionNot Defined
 
 
CVE-2019-15945
09/05/2019$0-$5k$0-$5kCounter-Strike: Global Offensive Community Game Server HTML Injection cross site scriptingNot Defined
 
 
CVE-2019-15944
09/05/2019$0-$5k$0-$5kFFmpeg h2645_parse.c h2645_parse memory corruptionNot Defined
 
 
CVE-2019-15942
09/05/2019$0-$5k$0-$5kOpenCV hog.cpp getDescriptorSize denial of serviceNot Defined
 
 
CVE-2019-15939
09/05/2019$0-$5k$0-$5kPengutronix Barebox nfs.c nfs_readlink_req memory corruptionNot Defined
 
 
CVE-2019-15938
09/05/2019$0-$5k$0-$5kPengutronix Barebox nfs.c nfs_readlink_reply memory corruptionNot Defined
 
 
CVE-2019-15937
09/05/2019$0-$5k$0-$5kJetBrains TeamCity cross site scriptingNot Defined
 
 
CVE-2019-15848
09/05/2019$0-$5k$0-$5kFusionPBX service_edit.php privilege escalationNot Defined
 
 
CVE-2019-15029
09/05/2019$0-$5k$0-$5kCanon PRINT jp.co.canon.bsd.ad.pixmaprint Administrator Web Interface information disclosureNot Defined
 
 
CVE-2019-14339
09/05/2019$0-$5k$0-$5kKnowage ChangePwdServlet Page Username information disclosureNot Defined
 
 
CVE-2019-14278
09/05/2019$0-$5k$0-$5kAlfresco Community Edition Solr Configuration File Remote Code ExecutionNot Defined
 
 
CVE-2019-14224
09/05/2019$0-$5k$0-$5kAlfresco Community Edition Web Admin Interface Default Key weak authenticationNot Defined
 
 
CVE-2019-14222
09/05/2019$0-$5k$0-$5kSmanos W100 privilege escalationNot Defined
 
 
CVE-2019-13361

Do you know our Splunk app?

Download it now for free!