Exploits 11/14/2019info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCVE
11/14/2019$5k-$25k$0-$5kAdobe Illustrator CC Code Execution memory corruptionNot Defined
 
 
CVE-2019-8248
11/14/2019$5k-$25k$0-$5kAdobe Illustrator CC Code Execution memory corruptionNot Defined
 
 
CVE-2019-8247
11/14/2019$5k-$25k$0-$5kAdobe Media Encoder Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2019-8246
11/14/2019$5k-$25k$0-$5kAdobe Media Encoder Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2019-8244
11/14/2019$5k-$25k$0-$5kAdobe Media Encoder Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2019-8243
11/14/2019$5k-$25k$0-$5kAdobe Media Encoder Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2019-8242
11/14/2019$5k-$25k$0-$5kAdobe Media Encoder Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2019-8241
11/14/2019$5k-$25k$0-$5kAdobe Bridge CC memory corruptionNot Defined
 
 
CVE-2019-8240
11/14/2019$5k-$25k$0-$5kAdobe Bridge CC memory corruptionNot Defined
 
 
CVE-2019-8239
11/14/2019$5k-$25k$0-$5kAdobe Illustrator CC Library Loader privilege escalationNot Defined
 
 
CVE-2019-7962
11/14/2019$0-$5k$0-$5kAdobe Animate CC Library Loader privilege escalationNot Defined
 
 
CVE-2019-7960
11/14/2019$0-$5k$0-$5kPhilips Taolight Smart Wi-Fi Wiz Connected LED Bulb API weak authenticationNot Defined
 
 
CVE-2019-18980
11/14/2019$0-$5k$0-$5krack-cors Gem directory traversalNot Defined
 
 
CVE-2019-18978
11/14/2019$0-$5k$0-$5kMicroStrategy Library Reflected cross site scriptingNot Defined
 
 
CVE-2019-18957
11/14/2019$0-$5k$0-$5kSnowHaze cross site scriptingNot Defined
 
 
CVE-2019-18949
11/14/2019$0-$5k$0-$5keQ-3 Homematic CCU2/Homematic CCU3 Web Interface exec.cgi Remote Code ExecutionNot Defined
 
 
CVE-2019-18939
11/14/2019$0-$5k$0-$5keQ-3 Homematic CCU2/Homematic CCU3 Web Interface save.cgi Remote Code ExecutionNot Defined
 
 
CVE-2019-18938
11/14/2019$0-$5k$0-$5keQ-3 Homematic CCU2/Homematic CCU3 Web Interface exec.cgi Remote Code ExecutionNot Defined
 
 
CVE-2019-18937
11/14/2019$0-$5k$0-$5kScanguard privilege escalationNot Defined
 
 
CVE-2019-18895
11/14/2019$0-$5k$0-$5kLinux Kernel volumes.c denial of serviceNot Defined
 
 
CVE-2019-18885
11/14/2019$0-$5k$0-$5k3xLogic Infinias Access Control cross site request forgeryNot Defined
 
 
CVE-2019-18651
11/14/2019$0-$5k$0-$5kUntangle NG Firewall Report Stored cross site scriptingNot Defined
 
 
CVE-2019-18649
11/14/2019$0-$5k$0-$5kUntangle NG Firewall Reflected cross site scriptingNot Defined
 
 
CVE-2019-18648
11/14/2019$0-$5k$0-$5kUntangle NG Firewall command injectionNot Defined
 
 
CVE-2019-18647
11/14/2019$0-$5k$0-$5kWithin Authenticate Firewall sql injectionNot Defined
 
 
CVE-2019-18646
11/14/2019$0-$5k$0-$5kEspressif ESP32 Secure Boot information disclosureNot Defined
 
 
CVE-2019-17391
11/14/2019$5k-$25k$0-$5kSTMicroelectronics ST33TPHF2ESPI TPM Private Key TPM-Fail information disclosureNot Defined
 
 
CVE-2019-16863
11/14/2019$0-$5k$0-$5kBlade Shadow Network Protocol Code Injection privilege escalationNot Defined
 
 
CVE-2019-16110
11/14/2019$5k-$25k$5k-$25kZyXEL GS1900 Password Recovery privilege escalationNot Defined
 
 
CVE-2019-15804
11/14/2019$5k-$25k$0-$5kZyXEL GS1900 libfds.so fds_sys_passDebugPasswd_ret() privilege escalationNot Defined
 
 
CVE-2019-15803
11/14/2019$0-$5k$0-$5kZyXEL GS1900 Configuration Backup libsal.so.0.0 sal_util_str_encrypt() weak encryptionNot Defined
 
 
CVE-2019-15802
11/14/2019$0-$5k$0-$5kZyXEL GS1900 libfds.so.0.0 fds_sys_passDebugPasswd_ret() weak encryptionNot Defined
 
 
CVE-2019-15801
11/14/2019$5k-$25k$0-$5kZyXEL GS1900 libclicmd.so cmd_sys_traceroute_exec() Remote Code ExecutionNot Defined
 
 
CVE-2019-15800
11/14/2019$0-$5k$0-$5kZyXEL GS1900 Web Interface information disclosureNot Defined
 
 
CVE-2019-15799
11/14/2019$5k-$25k$5k-$25kSony Xperia XZs privilege escalationNot Defined
 
 
CVE-2019-15744
11/14/2019$5k-$25k$5k-$25kSony Xperia Touch privilege escalationNot Defined
 
 
CVE-2019-15743
11/14/2019$0-$5k$0-$5kXiaomi Mi A3 privilege escalationNot Defined
 
 
CVE-2019-15475
11/14/2019$0-$5k$0-$5kXiaomi Cepheus privilege escalationNot Defined
 
 
CVE-2019-15474
11/14/2019$0-$5k$0-$5kXiaomi Mi A2 Lite privilege escalationNot Defined
 
 
CVE-2019-15473
11/14/2019$0-$5k$0-$5kXiaomi Mi A2 Lite privilege escalationNot Defined
 
 
CVE-2019-15472

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!