Exploits 10/13/2020info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
10/13/2020$100k and more$25k-$100kMicrosoft Windows GDI+ memory corruptionProof-of-Concept
 
 
0.09CVE-2020-16911
10/13/2020$100k and more$25k-$100kMicrosoft Windows Win32k memory corruptionProof-of-Concept
 
 
0.00CVE-2020-16907
10/13/2020$100k and more$25k-$100kMicrosoft Windows Kernel memory corruptionProof-of-Concept
 
 
0.07CVE-2020-16890
10/13/2020$100k and more$25k-$100kMicrosoft Windows Win32k memory corruptionProof-of-Concept
 
 
0.06CVE-2020-16913
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows NAT memory corruptionProof-of-Concept
 
 
0.06CVE-2020-16894
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows TCPIP Stack unknown vulnerabilityProof-of-Concept
 
 
0.22CVE-2020-16898
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Camera Codec Pack memory corruptionProof-of-Concept
 
 
0.00CVE-2020-16967
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Jet Database Engine memory corruptionProof-of-Concept
 
 
0.04CVE-2020-16924
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Camera Codec Pack memory corruptionProof-of-Concept
 
 
0.04CVE-2020-16968
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Media Foundation memory corruptionProof-of-Concept
 
 
0.06CVE-2020-16915
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Graphics memory corruptionProof-of-Concept
 
 
0.07CVE-2020-16923
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Graphics memory corruptionProof-of-Concept
 
 
0.00CVE-2020-1167
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Hyper-V memory corruptionProof-of-Concept
 
 
0.06CVE-2020-1047
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Event System memory corruptionProof-of-Concept
 
 
0.04CVE-2020-16900
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Error Reporting access controlProof-of-Concept
 
 
0.08CVE-2020-16909
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service access controlProof-of-Concept
 
 
0.06CVE-2020-16912
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Application Compatibility Client Library access controlProof-of-Concept
 
 
0.04CVE-2020-16920
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service access controlProof-of-Concept
 
 
0.06CVE-2020-16975
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Storage Services access controlProof-of-Concept
 
 
0.06CVE-2020-0764
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows User Profile Service access controlProof-of-Concept
 
 
0.00CVE-2020-16940
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service access controlProof-of-Concept
 
 
0.04CVE-2020-16936
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service access controlProof-of-Concept
 
 
0.05CVE-2020-16973
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Error Reporting Manager access controlProof-of-Concept
 
 
0.09CVE-2020-16895
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows iSCSI Target Service access controlProof-of-Concept
 
 
0.08CVE-2020-16980
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows COM Server access controlProof-of-Concept
 
 
0.00CVE-2020-16916
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Application Compatibility Client Library access controlProof-of-Concept
 
 
0.04CVE-2020-16876
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service access controlProof-of-Concept
 
 
0.05CVE-2020-16974
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Storage VSP Driver access controlFunctional
 
 
0.05CVE-2020-16885
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service access controlProof-of-Concept
 
 
0.09CVE-2020-16976
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows COM Server access controlProof-of-Concept
 
 
0.00CVE-2020-16935
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Unified Extensible Firmware Interface access controlProof-of-Concept
 
 
0.06CVE-2020-16910
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Error Reporting access controlProof-of-Concept
 
 
0.00CVE-2020-16905
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Group Policy privileges assignmentProof-of-Concept
 
 
0.00CVE-2020-16939
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Reparse Point access controlProof-of-Concept
 
 
0.04CVE-2020-16877
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows File Signature Validation signature verificationProof-of-Concept
 
 
0.08CVE-2020-16922
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Hyper-V memory corruptionProof-of-Concept
 
 
0.06CVE-2020-1080
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Kernel Image memory corruptionProof-of-Concept
 
 
0.06CVE-2020-16892
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Network Connections Service memory corruptionProof-of-Concept
 
 
0.04CVE-2020-16887
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Backup Service improper authenticationProof-of-Concept
 
 
0.09CVE-2020-16972
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Hyper-V access controlProof-of-Concept
 
 
0.06CVE-2020-16891
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Remote Desktop Protocol information disclosureProof-of-Concept
 
 
0.06CVE-2020-16896
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Installer access controlProof-of-Concept
 
 
0.06CVE-2020-16902
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Setup access controlProof-of-Concept
 
 
0.09CVE-2020-16908
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Text Services Framework information disclosureProof-of-Concept
 
 
0.04CVE-2020-16921
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows NetBIOS over TCP information disclosureProof-of-Concept
 
 
0.09CVE-2020-16897
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows KernelStream information disclosureProof-of-Concept
 
 
0.11CVE-2020-16889
10/13/2020$25k-$100k$5k-$25kMicrosoft Windows Enterprise App Management Service information disclosureProof-of-Concept
 
 
0.00CVE-2020-16919
10/13/2020$5k-$25k$5k-$25kMicrosoft Windows Kernel information disclosureProof-of-Concept
 
 
0.08CVE-2020-16901
10/13/2020$5k-$25k$5k-$25kMicrosoft Windows TCPIP Stack denial of serviceProof-of-Concept
 
 
0.11CVE-2020-16899
10/13/2020$5k-$25k$5k-$25kMicrosoft Windows Remote Desktop Service denial of serviceProof-of-Concept
 
 
0.05CVE-2020-16863

Do you know our Splunk app?

Download it now for free!