Exploits 10/11/2019info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCVE
10/11/2019$0-$5k$0-$5kSamsung Laser Printers denial of serviceNot Defined
 
 
CVE-2019-6335
10/11/2019$5k-$25k$0-$5kHP Touchpoint Analytics System Service privilege escalationNot Defined
 
 
CVE-2019-6333
10/11/2019$5k-$25k$0-$5kGoogle Android nfc_ncif.cc nfc_ncif_decode_rf_params information disclosureNot Defined
 
 
CVE-2019-2187
10/11/2019$25k-$100k$5k-$25kGoogle Android combined_decode.cpp GetMBheader memory corruptionNot Defined
 
 
CVE-2019-2186
10/11/2019$25k-$100k$5k-$25kGoogle Android vlc_dequant.cpp VlcDequantH263IntraBlock_SH memory corruptionNot Defined
 
 
CVE-2019-2185
10/11/2019$25k-$100k$5k-$25kGoogle Android dec_pred_intra_dc.cpp PV_DecodePredictedIntraDC memory corruptionNot Defined
 
 
CVE-2019-2184
10/11/2019$5k-$25k$0-$5kGoogle Android Cache RegisteredServicesCache.java generateServicesMap information disclosureNot Defined
 
 
CVE-2019-2183
10/11/2019$25k-$100k$5k-$25kGoogle Android Permission Check ActivityStarter.java startActivityMayWait privilege escalationNot Defined
 
 
CVE-2019-2173
10/11/2019$25k-$100k$5k-$25kGoogle Android NFC privilege escalationNot Defined
 
 
CVE-2019-2114
10/11/2019$5k-$25k$0-$5kGoogle Android Permission Check ScreenRotationAnimation.java ScreenRotationAnimation information disclosureNot Defined
 
 
CVE-2019-2110
10/11/2019$5k-$25k$5k-$25kD-Link DIR-846 SetWizardConfig.php SetWizardConfig privilege escalationNot Defined
 
 
CVE-2019-17510
10/11/2019$5k-$25k$5k-$25kD-Link DIR-846 SetMasterWLanSettings.php SetMasterWLanSettings privilege escalationNot Defined
 
 
CVE-2019-17509
10/11/2019$5k-$25k$5k-$25kD-Link DIR-850/DIR-859 DEVICE.TIME.php command injectionNot Defined
 
 
CVE-2019-17508
10/11/2019$5k-$25k$5k-$25kD-Link DIR-816 A1 Management Page privilege escalationNot Defined
 
 
CVE-2019-17507
10/11/2019$5k-$25k$5k-$25kD-Link DIR-868L/DIR-817LW Web Interface getcfg.php information disclosureNot Defined
 
 
CVE-2019-17506
10/11/2019$5k-$25k$5k-$25kD-Link DAP-1320 Web Interface weak authenticationNot Defined
 
 
CVE-2019-17505
10/11/2019$0-$5k$0-$5kKirona Dynamic Resource Scheduling cross site scriptingProof-of-ConceptPHPLinkCVE-2019-17504
10/11/2019$0-$5k$0-$5kKirona Dynamic Resource Scheduling REGISTER.cmd information disclosureProof-of-ConceptPHPLinkCVE-2019-17503
10/11/2019$0-$5k$0-$5kCompal CH7465LG Common Gateway Interface setter.xml command injectionNot Defined
 
 
CVE-2019-17499
10/11/2019$0-$5k$0-$5kGenesys PureEngage Digital HtmlChatPanel.jsp cross site scriptingNot Defined
 
 
CVE-2019-17176
10/11/2019$0-$5k$0-$5kSophos Cyberoam Firewall SSL VPN Console Shell privilege escalationNot Defined
 
 
CVE-2019-17059
10/11/2019$5k-$25k$5k-$25kIntel NUC System Firmware memory corruptionNot Defined
 
 
CVE-2019-14570
10/11/2019$5k-$25k$5k-$25kIntel NUC System Firmware Pointer memory corruptionNot Defined
 
 
CVE-2019-14569
10/11/2019$0-$5k$0-$5kKaseya VSA RMM LAN Cache weak authenticationNot Defined
 
 
CVE-2019-14510
10/11/2019$5k-$25k$5k-$25kIntel Smart Connect Technology for Intel NUC File Permission privilege escalationNot Defined
 
 
CVE-2019-11167
10/11/2019$5k-$25k$0-$5kIntel Active System Console Installer privilege escalationNot Defined
 
 
CVE-2019-11120
10/11/2019$0-$5k$0-$5kBoa free denial of serviceNot Defined
 
 
CVE-2018-21028
10/11/2019$0-$5k$0-$5kBoa Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2018-21027
10/11/2019$0-$5k$0-$5kGREE+ cross site request forgeryNot Defined
 
 
CVE-2018-20582
10/11/2019$0-$5k$0-$5kGraphite views.py send_email Server-Side Request ForgeryNot Defined
 
 
CVE-2017-18638
10/11/2019$0-$5k$0-$5kThemeMakers SmartIT Premium Responsive Theme wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9492
10/11/2019$0-$5k$0-$5kThemeMakers Blessing Premium Responsive Theme wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9491
10/11/2019$0-$5k$0-$5kThemeMakers GamesTheme Premium Theme wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9490
10/11/2019$0-$5k$0-$5kThemeMakers Goodnex Premium Responsive Theme wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9489
10/11/2019$0-$5k$0-$5kwp_users.dat information disclosureNot Defined
 
 
CVE-2015-9488
10/11/2019$0-$5k$0-$5kThemeMakers Almera Responsive Portfolio Theme wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9487
10/11/2019$0-$5k$0-$5kThemeMakers Axioma Premium Responsive Theme wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9486
10/11/2019$0-$5k$0-$5kwp_users.dat information disclosureNot Defined
 
 
CVE-2015-9485
10/11/2019$0-$5k$0-$5kwp_users.dat information disclosureNot Defined
 
 
CVE-2015-9484
10/11/2019$0-$5k$0-$5kThemeMakers Invento Responsive Gallery wp_users.dat information disclosureNot Defined
 
 
CVE-2015-9483

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!