Exploits 03/20/2020

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be divided into multiple forms and levels of remediation, which influence risks differently.

Exploitability »

Researchers and attackers who are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

Lang »

The automated exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price for an exploit, before it is distributed or becomes public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts such as the disclosure of vulnerability details, alternative exploits and the availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

| Published | 0day | Today | Tr | Vulnerability | Exp | Lang | URL | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 03/20/2020 | $5k-$25k | $0-$5k | | Squid Web Proxy cachemgr.cgi injection | Not Defined | | | 0.00 | CVE-2019-18860 |
| 03/20/2020 | $5k-$25k | $5k-$25k | | Tesla Model 3 Driving Interface privileges management | Not Defined | | | 0.00 | CVE-2020-10558 |
| 03/20/2020 | $5k-$25k | $5k-$25k | | Huawei CampusInsight/ManageOne double free | Not Defined | | | 0.00 | CVE-2020-1862 |
| 03/20/2020 | $5k-$25k | $5k-$25k | | Huawei Secospace AntiDDoS8000 improper authentication | Not Defined | | | 0.00 | CVE-2020-1864 |
| 03/20/2020 | $0-$5k | $0-$5k | | LINBIT csync2 SSL daemon.c csync_daemon_session Remote Code Execution | Not Defined | | | 0.03 | CVE-2019-15522 |
| 03/20/2020 | $0-$5k | $0-$5k | | Huawei Smartphone OxfordS-AN00A improper authentication | Not Defined | | | 0.06 | CVE-2020-1878 |
| 03/20/2020 | $0-$5k | $0-$5k | | Xmidt cjwt control flow | Not Defined | | | 0.00 | CVE-2019-19324 |
| 03/20/2020 | $0-$5k | $0-$5k | | Huawei Mate 20/Mate 30 Pro Digital Balance privileges management | Not Defined | | | 0.00 | CVE-2020-1795 |
| 03/20/2020 | $0-$5k | $0-$5k | | phpBB CSS injection | Not Defined | | | 0.00 | CVE-2019-16108 |
| 03/20/2020 | $0-$5k | $0-$5k | | NETSAS Enigma NMS CGI Script os command injection | Not Defined | | | 0.00 | CVE-2019-16072 |
| 03/20/2020 | $0-$5k | $0-$5k | | openITCOCKPIT DEVELOPMENT default permission | Not Defined | | | 0.00 | CVE-2020-10792 |
| 03/20/2020 | $0-$5k | $0-$5k | | Blamer code injection | Not Defined | | | 0.00 | CVE-2020-8137 |
| 03/20/2020 | $0-$5k | $0-$5k | | Asus AsusWRT start_apply.htm os command injection | Not Defined | | | 0.05 | CVE-2018-20334 |
| 03/20/2020 | $0-$5k | $0-$5k | | svglib Package svg2rlg xml external entity reference | Not Defined | | | 0.00 | CVE-2020-10799 |
| 03/20/2020 | $0-$5k | $0-$5k | | Tellabs Optical Line Terminal Telnet/SSH improper authentication | Not Defined | | | 0.08 | CVE-2019-19148 |
| 03/20/2020 | $0-$5k | $0-$5k | | uppy Package server-side request forgery | Not Defined | | | 0.00 | CVE-2020-8135 |
| 03/20/2020 | $0-$5k | $0-$5k | | Liferay Portal JSONWS deserialization | Not Defined | | | 0.06 | CVE-2020-7961 |
| 03/20/2020 | $0-$5k | $0-$5k | | Rock RMS vCard Access Control REST privileges management | Not Defined | | | 0.00 | CVE-2019-18641 |
| 03/20/2020 | $0-$5k | $0-$5k | | SuiteCRM htaccess privileges management | Not Defined | | | 0.00 | CVE-2019-18782 |
| 03/20/2020 | $0-$5k | $0-$5k | | Simple Machines Forum Subs-Package.php server-side request forgery | Not Defined | | | 0.05 | CVE-2019-11574 |
| 03/20/2020 | $0-$5k | $0-$5k | | WP Live Chat Support REST API authorization | Not Defined | | | 0.00 | CVE-2019-12498 |
| 03/20/2020 | $0-$5k | $0-$5k | | Centreon login.php redirect | Not Defined | | | 0.00 | CVE-2019-19484 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo PSD File out-of-bounds write | Not Defined | | | 0.00 | CVE-2020-8878 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo tif File use after free | Not Defined | | | 0.00 | CVE-2020-8881 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo PSD File uninitialized pointer | Not Defined | | | 0.08 | CVE-2020-8882 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo tif File out-of-bounds read | Not Defined | | | 0.00 | CVE-2020-8880 |
| 03/20/2020 | $0-$5k | $0-$5k | | NETSAS Enigma NMS authorization | Not Defined | | | 0.00 | CVE-2019-16071 |
| 03/20/2020 | $0-$5k | $0-$5k | | Centreon Plugin Test minPlayCommand.php os command injection | Not Defined | | | 0.00 | CVE-2019-19487 |
| 03/20/2020 | $0-$5k | $0-$5k | | Cloud Native Computing Foundation Harbor VMware Harbor Container Registry privileges management | Not Defined | | | 0.00 | CVE-2019-19023 |
| 03/20/2020 | $0-$5k | $0-$5k | | Ghost CMS server-side request forgery | Not Defined | | | 0.09 | CVE-2020-8134 |
| 03/20/2020 | $0-$5k | $0-$5k | | Nextcloud Server IPv6 server-side request forgery | Not Defined | | | 0.00 | CVE-2020-8138 |
| 03/20/2020 | $0-$5k | $0-$5k | | Rivet Killer Control Center KfeCo10X64.sys out-of-bounds write | Not Defined | | | 0.00 | CVE-2019-15665 |
| 03/20/2020 | $0-$5k | $0-$5k | | Rivet Killer Control Center KfeCo10X64.sys out-of-bounds read | Not Defined | | | 0.07 | CVE-2019-15663 |
| 03/20/2020 | $0-$5k | $0-$5k | | Rivet Killer Control Center KfeCo10X64.sys out-of-bounds write | Not Defined | | | 0.06 | CVE-2019-15661 |
| 03/20/2020 | $0-$5k | $0-$5k | | Rivet Killer Control Center KfeCo10X64.sys out-of-bounds read | Not Defined | | | 0.03 | CVE-2019-15664 |
| 03/20/2020 | $0-$5k | $0-$5k | | Huawei Mate 20/Mate 30 Pro Applock improper authentication | Not Defined | | | 0.00 | CVE-2020-1793 |
| 03/20/2020 | $0-$5k | $0-$5k | | Huawei Mate 20/Mate 30 Pro improper authentication | Not Defined | | | 0.00 | CVE-2020-1794 |
| 03/20/2020 | $0-$5k | $0-$5k | | Centreon Plugin Test minPlayCommand.php path traversal | Not Defined | | | 0.00 | CVE-2019-19486 |
| 03/20/2020 | $0-$5k | $0-$5k | | GnuPG SHA1 risky encryption | Not Defined | | | 0.00 | CVE-2019-14855 |
| 03/20/2020 | $0-$5k | $0-$5k | | Cloud Native Computing Foundation Harbor VMware Harbor Container Registry sql injection | Not Defined | | | 0.00 | CVE-2019-19026 |
| 03/20/2020 | $0-$5k | $0-$5k | | Cloud Native Computing Foundation Harbor VMware Harbor Container Registry sql injection | Not Defined | | | 0.00 | CVE-2019-19029 |
| 03/20/2020 | $0-$5k | $0-$5k | | CMS Made Simple Filemanager php.jpegd unrestricted upload | Not Defined | | | 0.09 | CVE-2020-10682 |
| 03/20/2020 | $0-$5k | $0-$5k | | homee Brain Cube UART Interface missing authentication | Not Defined | | | 0.06 | CVE-2019-16258 |
| 03/20/2020 | $0-$5k | $0-$5k | | SuiteCRM API insufficiently protected credentials | Not Defined | | | 0.00 | CVE-2019-18785 |
| 03/20/2020 | $0-$5k | $0-$5k | | AbuseFilter Extension SpecialAbuseLog.php information disclosure | Not Defined | | | 0.00 | CVE-2019-16528 |
| 03/20/2020 | $0-$5k | $0-$5k | | Asus AsusWRT USB Device update_applist.asp information disclosure | Not Defined | | | 0.05 | CVE-2018-20333 |
| 03/20/2020 | $0-$5k | $0-$5k | | rConfig head.inc.php Credentials insufficiently protected credentials | Not Defined | | | 0.00 | CVE-2020-9425 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo EPS File out-of-bounds read | Not Defined | | | 0.00 | CVE-2020-8883 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo PSD File out-of-bounds read | Not Defined | | | 0.00 | CVE-2020-8877 |
| 03/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo PSD File out-of-bounds read | Not Defined | | | 0.00 | CVE-2020-8879 |
