Exploits 06/22/2020info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCVE
06/22/2020$0-$5k$0-$5kFortinet FortiWLC ESS Profile/Radius Profile Stored cross site scriptingNot Defined
 
 
CVE-2020-9288
06/22/2020$5k-$25k$5k-$25kGoogle Cloud Platform guest-oslogin compute.osLogin privilege escalationNot Defined
 
 
CVE-2020-8933
06/22/2020$5k-$25k$5k-$25kGoogle Cloud Platform guest-oslogin compute.osLogin privilege escalationNot Defined
 
 
CVE-2020-8907
06/22/2020$5k-$25k$5k-$25kGoogle Cloud Platform guest-oslogin compute.osLogin privilege escalationNot Defined
 
 
CVE-2020-8903
06/22/2020$0-$5k$0-$5kBitDefender Total Security 2020 Safepay Browser privilege escalationNot Defined
 
 
CVE-2020-8102
06/22/2020$0-$5k$0-$5kMcAfee Advanced Threat Defense Access Control information disclosureNot Defined
 
 
CVE-2020-7262
06/22/2020$0-$5k$0-$5kFortinet FortiDeceptor Session Expiration weak authenticationNot Defined
 
 
CVE-2020-6644
06/22/2020$0-$5k$0-$5kW3C CSS Validator URI cross site scriptingNot Defined
 
 
CVE-2020-4070
06/22/2020$0-$5k$0-$5kAPNSwift APNSwiftSigner.sign memory corruptionNot Defined
 
 
CVE-2020-4068
06/22/2020$0-$5k$0-$5kLimdu trainBatch command injectionNot Defined
 
 
CVE-2020-4066
06/22/2020$0-$5k$0-$5kCyberArk Conjur OSS Helm Chart Role-Based Access Control privilege escalationNot Defined
 
 
CVE-2020-4062
06/22/2020$0-$5k$0-$5kLoRa Basics Station Use-After-Free memory corruptionNot Defined
 
 
CVE-2020-4060
06/22/2020$0-$5k$0-$5kFreeRDP Out-of-Bounds memory corruptionNot Defined
 
 
CVE-2020-4033
06/22/2020$0-$5k$0-$5kFreeRDP relax-order-checks update_recv_secondary_order memory corruptionNot Defined
 
 
CVE-2020-4032
06/22/2020$0-$5k$0-$5kFreeRDP Compatibility Mode relax-order-checks gdi_SelectObject memory corruptionNot Defined
 
 
CVE-2020-4031
06/22/2020$0-$5k$0-$5kFreeRDP TrioParse Integer Overflow memory corruptionNot Defined
 
 
CVE-2020-4030
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Auto memory corruptionNot Defined
 
 
CVE-2020-3676
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Auto memory corruptionNot Defined
 
 
CVE-2020-3665
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Auto memory corruptionNot Defined
 
 
CVE-2020-3663
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Auto eac3 Header memory corruptionNot Defined
 
 
CVE-2020-3662
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Auto MP4 File memory corruptionNot Defined
 
 
CVE-2020-3661
06/22/2020$5k-$25k$0-$5kQualcomm Snapdragon Auto MP4 File NULL Pointer Dereference denial of serviceNot Defined
 
 
CVE-2020-3660
06/22/2020$5k-$25k$0-$5kQualcomm Snapdragon Auto MP4 File NULL Pointer Dereference denial of serviceNot Defined
 
 
CVE-2020-3658
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Consumer IOT/Snapdragon Mobile Use-After-Free memory corruptionNot Defined
 
 
CVE-2020-3642
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Auto Stack-based memory corruptionNot Defined
 
 
CVE-2020-3635
06/22/2020$5k-$25k$0-$5kQualcomm Snapdragon Consumer IOT/Snapdragon Mobile Logging Application privilege escalationNot Defined
 
 
CVE-2020-3628
06/22/2020$25k-$100k$5k-$25kQualcomm Snapdragon Auto API privilege escalationNot Defined
 
 
CVE-2020-3626
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Compute memory corruptionNot Defined
 
 
CVE-2020-3614
06/22/2020$5k-$25k$5k-$25kQualcomm Snapdragon Compute Protection Mechanism Double-Free memory corruptionNot Defined
 
 
CVE-2020-3613
06/22/2020$0-$5k$0-$5kKeyCloak Authorization URL privilege escalationNot Defined
 
 
CVE-2020-1727
06/22/2020$0-$5k$0-$5kIObit Advanced SystemCare Free Clean & Optimize denial of serviceNot Defined
 
 
CVE-2020-14990
06/22/2020$0-$5k$0-$5kChocolate Doom/Crispy Doom Stack-based memory corruptionNot Defined
 
 
CVE-2020-14983
06/22/2020$0-$5k$0-$5kThreatTrack VIPRE Password Vault App SSL Certificate Validator weak authenticationNot Defined
 
 
CVE-2020-14981
06/22/2020$0-$5k$0-$5kSophos Secure Email App SSL Certificate Validator weak authenticationNot Defined
 
 
CVE-2020-14980
06/22/2020$0-$5k$0-$5kwebTareas login.php loginForm cross site scriptingNot Defined
 
 
CVE-2020-14973
06/22/2020$0-$5k$0-$5kSourcecodester Pisay Online E-Learning System Admin Login-Portal Code Execution sql injectionNot Defined
 
 
CVE-2020-14972
06/22/2020$0-$5k$0-$5kMISP ACL Lookup Attribute.php information disclosureNot Defined
 
 
CVE-2020-14969
06/22/2020$0-$5k$0-$5kjsrsasign Package RSASSA-PSS weak authenticationNot Defined
 
 
CVE-2020-14968
06/22/2020$0-$5k$0-$5kjsrsasign Package RSA PKCS1 weak authenticationNot Defined
 
 
CVE-2020-14967
06/22/2020$0-$5k$0-$5kjsrsasign Package ECDSA Signature Integer memory corruptionNot Defined
 
 
CVE-2020-14966
06/22/2020$0-$5k$0-$5kFinal Tiles Gallery Plugin admin-ajax.php cross site scriptingNot Defined
 
 
CVE-2020-14962
06/22/2020$0-$5k$0-$5kconcrete5 Sort unknown vulnerabilityNot Defined
 
 
CVE-2020-14961
06/22/2020$0-$5k$0-$5kphp-fusion comments.php sql injectionNot Defined
 
 
CVE-2020-14960
06/22/2020$0-$5k$0-$5kEasy Testimonials Plugin post.php cross site scriptingNot Defined
 
 
CVE-2020-14959
06/22/2020$0-$5k$0-$5kGlobal RADAR BSA Radar Surveillance Module downloadFile.ashx directory traversalNot Defined
 
 
CVE-2020-14946
06/22/2020$0-$5k$0-$5kGlobal RADAR BSA Radar privilege escalationNot Defined
 
 
CVE-2020-14945
06/22/2020$0-$5k$0-$5kGlobal RADAR BSA Radar privilege escalationNot Defined
 
 
CVE-2020-14944
06/22/2020$0-$5k$0-$5kGlobal RADAR BSA Radar Update User Profile Stored cross site scriptingNot Defined
 
 
CVE-2020-14943
06/22/2020$5k-$25k$0-$5kZyXEL Armor X1 WAP6806 directory traversalNot Defined
 
 
CVE-2020-14461
06/22/2020$0-$5k$0-$5kWebFOCUS Business Intelligence WFServlet.cfg XML External EntityNot Defined
 
 
CVE-2020-14204

Do you need the next level of professionalism?

Upgrade your account now!