Exploits 08/20/2020

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. Multiple forms and levels of remediation can be distinguished, and they influence risks differently.

Exploitability »

Researchers and attackers who are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

Lang »

The automation of the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price for an exploit, before it was distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts such as disclosure of vulnerability details, alternative exploits, and availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

| Published | 0day | Today | Tr | Vulnerability | Exp | Lang | URL | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 08/20/2020 | $0-$5k | $0-$5k | | OX Software OX App Suite/OX Documents cross site scripting | Not Defined | | | 0.00 | CVE-2020-12646 |
| 08/20/2020 | $0-$5k | $0-$5k | | NAB Transact WooCommerce Plugin privilege escalation | Not Defined | | | 0.00 | CVE-2020-11497 |
| 08/20/2020 | $5k-$25k | $5k-$25k | | IBM Content Navigator Cache information disclosure | Not Defined | | | 0.00 | CVE-2020-4687 |
| 08/20/2020 | $5k-$25k | $5k-$25k | | IBM Content Navigator privilege escalation | Not Defined | | | 0.00 | CVE-2020-4548 |
| 08/20/2020 | $0-$5k | $0-$5k | | Hashicorp vault-ssh-helper SSH OTP privilege escalation | Not Defined | | | 0.00 | CVE-2020-24359 |
| 08/20/2020 | $0-$5k | $0-$5k | | PHPGurukul Vehicle Parking Management System weak authentication | Not Defined | | | 0.00 | CVE-2020-23936 |
| 08/20/2020 | $0-$5k | $0-$5k | | Kabir Alhasan Student Management System weak authentication | Not Defined | | | 0.00 | CVE-2020-23935 |
| 08/20/2020 | $0-$5k | $0-$5k | | Rangee RangeeOS Default Configuration privilege escalation | Not Defined | | | 0.00 | CVE-2020-16282 |
| 08/20/2020 | $0-$5k | $0-$5k | | Rangee RangeeOS Kommbox privilege escalation | Not Defined | | | 0.00 | CVE-2020-16281 |
| 08/20/2020 | $0-$5k | $0-$5k | | Rangee RangeeOS Plaintext weak encryption | Not Defined | | | 0.00 | CVE-2020-16280 |
| 08/20/2020 | $0-$5k | $0-$5k | | Rangee RangeeOS Kommbox Remote Code Execution | Not Defined | | | 0.06 | CVE-2020-16279 |
| 08/20/2020 | $0-$5k | $0-$5k | | MailMate SMIME Import Man-in-the-Middle privilege escalation | Not Defined | | | 0.06 | CVE-2020-12619 |
| 08/20/2020 | $0-$5k | $0-$5k | | eM Client SMIME Import Man-in-the-Middle privilege escalation | Not Defined | | | 0.00 | CVE-2020-12618 |
| 08/20/2020 | $0-$5k | $0-$5k | | TreasuryXpress Custom Workflow cross site scripting | Not Defined | | | 0.17 | CVE-2019-20152 |
| 08/20/2020 | $0-$5k | $0-$5k | | TreasuryXpress Multi Approval Security cross site scripting | Not Defined | | | 0.07 | CVE-2019-20151 |
| 08/20/2020 | $0-$5k | $0-$5k | | TreasuryXpress Editor Credentials information disclosure | Not Defined | | | 0.00 | CVE-2019-20150 |
| 08/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo tif File GetTIFPalette memory corruption | Not Defined | | | 0.00 | CVE-2020-8870 |
| 08/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo tif File Stack-based memory corruption | Not Defined | | | 0.00 | CVE-2020-8869 |
| 08/20/2020 | $0-$5k | $0-$5k | | Seowon Intech SLC-130/SLR-120S system_log.cgi Remote Code Execution | Not Defined | | | 0.00 | CVE-2020-17456 |
| 08/20/2020 | $25k-$100k | $5k-$25k | | net-snmp Privilege Management privilege escalation | Not Defined | | | 0.00 | CVE-2020-15862 |
| 08/20/2020 | $5k-$25k | $5k-$25k | | net-snmp Symlink privilege escalation | Not Defined | | | 0.00 | CVE-2020-15861 |
| 08/20/2020 | $0-$5k | $0-$5k | | Foxit PhantomPDF InferReceiverMapsUnsafe Type Confusion memory corruption | Not Defined | | | 0.00 | CVE-2020-15638 |
| 08/20/2020 | $0-$5k | $0-$5k | | Foxit PhantomPDF SetLocalDescription information disclosure | Not Defined | | | 0.00 | CVE-2020-15637 |
| 08/20/2020 | $5k-$25k | $5k-$25k | | Netgear R6400/R6700/R7000/R7850/R7900/R8000/RS400/XR300 check_ra Service RAE_Policy.json Stack-based memory corruption | Not Defined | | | 0.09 | CVE-2020-15636 |
| 08/20/2020 | $5k-$25k | $5k-$25k | | Netgear R6700 Service Port 5916 Stack-based memory corruption | Not Defined | | | 0.14 | CVE-2020-15635 |
| 08/20/2020 | $5k-$25k | $0-$5k | | Netgear R6700 String Table File Upload privilege escalation | Not Defined | | | 0.07 | CVE-2020-15634 |
| 08/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo PNG File information disclosure | Not Defined | | | 0.00 | CVE-2020-15630 |
| 08/20/2020 | $0-$5k | $0-$5k | | Foxit Studio Photo tif File privilege escalation | Not Defined | | | 0.00 | CVE-2020-15629 |
| 08/20/2020 | $0-$5k | $0-$5k | | Silicon Labs Bluetooth Low Energy SDK memory corruption | Not Defined | | | 0.00 | CVE-2020-15532 |
| 08/20/2020 | $0-$5k | $0-$5k | | Silicon Labs Bluetooth Low Energy SDK Code Execution memory corruption | Not Defined | | | 0.00 | CVE-2020-15531 |
| 08/20/2020 | $0-$5k | $0-$5k | | OpenMage LTS Admin Interface cross site request forgery | Not Defined | | | 0.00 | CVE-2020-15151 |
| 08/20/2020 | $0-$5k | $0-$5k | | NodeBB socket.io Call privilege escalation | Not Defined | | | 0.00 | CVE-2020-15149 |
| 08/20/2020 | $0-$5k | $0-$5k | | Sylius SyliusResourceBundle Expression Remote Code Execution | Not Defined | | | 0.00 | CVE-2020-15146 |
| 08/20/2020 | $0-$5k | $0-$5k | | Sylius SyliusResourceBundle Expression Remote Code Execution | Not Defined | | | 0.00 | CVE-2020-15143 |
| 08/20/2020 | $0-$5k | $0-$5k | | auth0-lock dangerouslySetInnerHTML cross site scripting | Not Defined | | | 0.00 | CVE-2020-15119 |
| 08/20/2020 | $0-$5k | $0-$5k | | i-doit CSV Export CSV Injection privilege escalation | Not Defined | | | 0.00 | CVE-2020-13826 |
| 08/20/2020 | $0-$5k | $0-$5k | | i-doit cross site scripting | Not Defined | | | 0.00 | CVE-2020-13825 |
| 08/20/2020 | $0-$5k | $0-$5k | | ROS Actionlib yaml Loader library.py:132 yaml.safe_load() privilege escalation | Not Defined | | | 0.07 | CVE-2020-10289 |
| 08/20/2020 | $0-$5k | $0-$5k | | Micro Air Vehicle Link weak authentication | Not Defined | | | 0.20 | CVE-2020-10283 |
