Exploits 09/17/2020info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
09/17/2020$25k-$100k$5k-$25kGoogle Android out-of-bounds writeNot Defined
 
 
0.08CVE-2020-0342
09/17/2020$25k-$100k$5k-$25kGoogle Android out-of-bounds writeNot Defined
 
 
0.06CVE-2020-0278
09/17/2020$25k-$100k$5k-$25kGoogle Android out-of-bounds writeNot Defined
 
 
0.05CVE-2020-0123
09/17/2020$25k-$100k$5k-$25kGoogle Android out-of-bounds writeNot Defined
 
 
0.07CVE-2020-0229
09/17/2020$25k-$100k$5k-$25kGoogle Android bitalloc.c allocExcessBits out-of-bounds writeNot Defined
 
 
0.07CVE-2020-0380
09/17/2020$25k-$100k$5k-$25kGoogle Android combined_decode.cpp DecodeFrameCombinedMode out-of-bounds writeNot Defined
 
 
0.06CVE-2020-0245
09/17/2020$25k-$100k$5k-$25kGoogle Android libstagefright integer overflowNot Defined
 
 
0.05CVE-2020-0264
09/17/2020$25k-$100k$5k-$25kGoogle Android mp3 Extractor missing initialization of resourceNot Defined
 
 
0.00CVE-2020-0321
09/17/2020$25k-$100k$5k-$25kGoogle Android Media Extractor use after freeNot Defined
 
 
0.00CVE-2020-0303
09/17/2020$25k-$100k$5k-$25kGoogle Android UrlQuerySanitizer input validationNot Defined
 
 
0.06CVE-2020-0333
09/17/2020$25k-$100k$5k-$25kGoogle Android iorap use after freeNot Defined
 
 
0.06CVE-2020-0330
09/17/2020$25k-$100k$5k-$25kGoogle Android PackageManagerService.java applyPolicy privileges managementNot Defined
 
 
0.05CVE-2020-0391
09/17/2020$25k-$100k$5k-$25kGoogle Android uvc_driver.c uvc_scan_chain_forward privileges managementNot Defined
 
 
0.07CVE-2020-0404
09/17/2020$25k-$100k$5k-$25kGoogle Android Factory Reset Protection authorizationNot Defined
 
 
0.00CVE-2020-0266
09/17/2020$25k-$100k$5k-$25kGoogle Android Mediaserver integer overflowNot Defined
 
 
0.00CVE-2020-0346
09/17/2020$25k-$100k$5k-$25kGoogle Android networking.c skb_to_mamac integer overflowNot Defined
 
 
0.00CVE-2020-0432
09/17/2020$25k-$100k$5k-$25kGoogle Android keyboard.c kbd_keycode out-of-bounds writeNot Defined
 
 
0.05CVE-2020-0431
09/17/2020$25k-$100k$5k-$25kGoogle Android libmpeg2dec out-of-bounds writeNot Defined
 
 
0.00CVE-2020-0406
09/17/2020$25k-$100k$5k-$25kGoogle Android blk-mq-tag.c blk_mq_queue_tag_busy_iter use after freeNot Defined
 
 
0.09CVE-2020-0433
09/17/2020$25k-$100k$5k-$25kGoogle Android SurfaceFlinger.cpp getLayerDebugInfo double freeNot Defined
 
 
0.05CVE-2020-0392
09/17/2020$25k-$100k$5k-$25kGoogle Android Catpipe Library use after freeNot Defined
 
 
0.07CVE-2020-0434
09/17/2020$25k-$100k$5k-$25kGoogle Android Surfaceflinger lockingNot Defined
 
 
0.00CVE-2020-0357
09/17/2020$25k-$100k$5k-$25kGoogle Android libavb integer overflowNot Defined
 
 
0.09CVE-2020-0369
09/17/2020$25k-$100k$0-$5kGoogle Android skbuff.h skb_headlen out-of-bounds readNot Defined
 
 
0.04CVE-2020-0430
09/17/2020$25k-$100k$5k-$25kGoogle Android Audio HAL memory corruptionNot Defined
 
 
0.08CVE-2020-0356
09/17/2020$25k-$100k$5k-$25kGoogle Android l2tp_core.c l2tp_session_delete use after freeNot Defined
 
 
0.05CVE-2020-0429
09/17/2020$25k-$100k$5k-$25kGoogle Android f2fs.h inline_data_addr integer overflowNot Defined
 
 
0.05CVE-2020-0435
09/17/2020$25k-$100k$5k-$25kGoogle Android Surfaceflinger type confusionNot Defined
 
 
0.00CVE-2020-0336
09/17/2020$25k-$100k$0-$5kGoogle Android CamX race conditionNot Defined
 
 
0.00CVE-2020-0428
09/17/2020$25k-$100k$0-$5kGoogle Android Surfaceflinger toctouNot Defined
 
 
0.00CVE-2020-0358
09/17/2020$25k-$100k$5k-$25kGoogle Android eas_mdls.c Parse_wave integer overflowNot Defined
 
 
0.00CVE-2020-0381
09/17/2020$25k-$100k$5k-$25kGoogle Android Media Extractor eas_mdls.c Parse_art out-of-bounds writeNot Defined
 
 
0.08CVE-2020-0384
09/17/2020$25k-$100k$5k-$25kGoogle Android eas_mdls.c Parse_ins out-of-bounds writeNot Defined
 
 
0.05CVE-2020-0383
09/17/2020$25k-$100k$5k-$25kGoogle Android Media Extractor eas_mdls.c Parse_insh out-of-bounds writeNot Defined
 
 
0.07CVE-2020-0385
09/17/2020$25k-$100k$5k-$25kGoogle Android libsonivox out-of-bounds readNot Defined
 
 
0.06CVE-2020-0324
09/17/2020$25k-$100k$5k-$25kGoogle Android libFraunhoferAAC out-of-bounds readNot Defined
 
 
0.06CVE-2020-0355
09/17/2020$25k-$100k$5k-$25kGoogle Android libDRCdec out-of-bounds readNot Defined
 
 
0.00CVE-2020-0364
09/17/2020$25k-$100k$5k-$25kGoogle Android libAACdec out-of-bounds readNot Defined
 
 
0.00CVE-2020-0370
09/17/2020$25k-$100k$5k-$25kGoogle Android AAC Parser out-of-bounds readNot Defined
 
 
0.05CVE-2020-0279
09/17/2020$25k-$100k$5k-$25kGoogle Android tremolo out-of-bounds readNot Defined
 
 
0.42CVE-2020-0270
09/17/2020$25k-$100k$5k-$25kGoogle Android libcodec2_soft_mp3dec missing initialization of resourceNot Defined
 
 
0.50CVE-2020-0340
09/17/2020$25k-$100k$5k-$25kGoogle Android libDRCdec uninitialized resourceNot Defined
 
 
0.82CVE-2020-0361
09/17/2020$25k-$100k$5k-$25kGoogle Android MediaProvider default permissionNot Defined
 
 
0.05CVE-2020-0275
09/17/2020$25k-$100k$5k-$25kGoogle Android Telephony authorizationNot Defined
 
 
1.75CVE-2020-0375
09/17/2020$25k-$100k$5k-$25kGoogle Android GnssVisibilityControl.java createEmergencyLocationUserNotification default permissionNot Defined
 
 
0.05CVE-2020-0388
09/17/2020$25k-$100k$5k-$25kGoogle Android LLVM privileges managementNot Defined
 
 
0.10CVE-2020-0306
09/17/2020$25k-$100k$5k-$25kGoogle Android screencap input validationNot Defined
 
 
0.00CVE-2020-0130
09/17/2020$25k-$100k$5k-$25kGoogle Android RequestPermissionActivity.java onCreate privileges managementNot Defined
 
 
0.09CVE-2020-0386
09/17/2020$25k-$100k$5k-$25kGoogle Android NetworkPolicyManagerService authorizationNot Defined
 
 
0.04CVE-2020-0277
09/17/2020$25k-$100k$5k-$25kGoogle Android DisplayManager authorizationNot Defined
 
 
0.00CVE-2020-0341

Do you need the next level of professionalism?

Upgrade your account now!