Exploits 06/04/2021info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
06/04/2021$25k-$100k$5k-$25kMicrosoft Edge Remote Code ExecutionUnproven
 
 
0.07CVE-2021-33741
06/04/2021$5k-$25k$5k-$25kLinux Kernel eBPF RINGBUF bpf_ringbuf_reserve out-of-bounds writeNot Defined
 
 
0.00CVE-2021-3489
06/04/2021$5k-$25k$5k-$25kLinux Kernel io_uring Subsystem mem heap-based overflowNot Defined
 
 
0.12CVE-2021-3491
06/04/2021$5k-$25k$5k-$25kCisco WebEx Network Recording Player/WebEx Player ARF/WRF File memory corruptionNot Defined
 
 
0.00CVE-2021-1502
06/04/2021$5k-$25k$5k-$25kCisco WebEx Network Recording Player/WebEx Player ARF/WRF File memory corruptionNot Defined
 
 
0.05CVE-2021-1503
06/04/2021$5k-$25k$5k-$25kCisco WebEx Player WRF File memory corruptionNot Defined
 
 
0.08CVE-2021-1527
06/04/2021$5k-$25k$5k-$25kCisco WebEx Player WRF File memory corruptionNot Defined
 
 
0.00CVE-2021-1526
06/04/2021$5k-$25k$0-$5kCisco ASR 5000 CLI Command authorizationNot Defined
 
 
0.00CVE-2021-1540
06/04/2021$5k-$25k$0-$5kCisco ASR 5000 CLI Command authorizationNot Defined
 
 
0.04CVE-2021-1539
06/04/2021$5k-$25k$0-$5kCisco SD-WAN CLI unnecessary privilegesNot Defined
 
 
0.12CVE-2021-1528
06/04/2021$5k-$25k$5k-$25kHuawei Smart Phone Image buffer overflowNot Defined
 
 
0.00CVE-2021-22335
06/04/2021$5k-$25k$5k-$25kHuawei Smart Phone array indexNot Defined
 
 
0.04CVE-2021-22333
06/04/2021$5k-$25k$0-$5kCisco WebEx Meetings Server Multimedia Viewer protection mechanismNot Defined
 
 
0.00CVE-2021-1517
06/04/2021$5k-$25k$0-$5kCisco Common Services Platform Collector os command injectionNot Defined
 
 
0.00CVE-2021-1538
06/04/2021$5k-$25k$5k-$25kHuawei Smart Phone App access controlNot Defined
 
 
0.00CVE-2021-22334
06/04/2021$5k-$25k$0-$5kLinux Kernel eBPF ALU32 Bounds Tracking out-of-bounds readNot Defined
 
 
0.05CVE-2021-3490
06/04/2021$5k-$25k$0-$5kCisco WebEx Meetings/WebEx Meetings Server Web UI redirectNot Defined
 
 
0.05CVE-2021-1525
06/04/2021$5k-$25k$5k-$25kHuawei Smart Phone credentials managementNot Defined
 
 
0.00CVE-2021-22324
06/04/2021$5k-$25k$0-$5kCisco WebEx Meetings Desktop App uncontrolled search pathNot Defined
 
 
0.05CVE-2021-1536
06/04/2021$5k-$25k$5k-$25kHuawei Smart Phone Video Stream Transmission information disclosureNot Defined
 
 
0.04CVE-2021-22325
06/04/2021$5k-$25k$0-$5kHuawei Smart Phone missing authenticationNot Defined
 
 
0.16CVE-2021-22322
06/04/2021$0-$5k$0-$5kHuawei Smart Phone information disclosureNot Defined
 
 
0.09CVE-2021-22313
06/04/2021$0-$5k$0-$5kHuawei Smart Phone Data information disclosureNot Defined
 
 
0.05CVE-2021-22317
06/04/2021$0-$5k$0-$5kHuawei Smart Phone User Click Data information disclosureNot Defined
 
 
0.00CVE-2021-22337
06/04/2021$0-$5k$0-$5kCisco Video Surveillance 7000 Cisco Discovery Protocol resource consumptionNot Defined
 
 
0.00CVE-2021-1564
06/04/2021$0-$5k$0-$5kCisco Video Surveillance 7000 Cisco Discovery Protocol resource consumptionNot Defined
 
 
0.00CVE-2021-1563
06/04/2021$0-$5k$0-$5kHuawei Smart Phone denial of serviceNot Defined
 
 
0.56CVE-2021-22336
06/04/2021$0-$5k$0-$5kRealtek RTL8710 WPA2 Handshake AES_UnWRAP stack-based overflowNot Defined
 
 
0.05CVE-2020-27301
06/04/2021$0-$5k$0-$5kRealtek RTL8710 WPA2 Handshake memcpy stack-based overflowNot Defined
 
 
0.05CVE-2020-27302
06/04/2021$0-$5k$0-$5kBackdoor.Win32.Androm.df Service Port 8000 backdoorProof-of-Concept
 
Link0.08
06/04/2021$0-$5k$0-$5kHuawei Smart Phone Screenshot information disclosureNot Defined
 
 
0.05CVE-2021-22308
06/04/2021$0-$5k$0-$5kCisco ThousandEyes Recorder Installer insufficiently protected credentialsNot Defined
 
 
0.09CVE-2021-1537
06/04/2021$0-$5k$0-$5kCisco Webex Meetings Client Logging information disclosureNot Defined
 
 
0.07CVE-2021-1544
06/04/2021$0-$5k$0-$5kLuca Server Phone Number improper validation of integrity check valueNot Defined
 
 
0.06CVE-2021-33840
06/04/2021$0-$5k$0-$5kglob-parent Enclosure Regex incorrect regexNot Defined
 
 
0.05CVE-2020-28469
06/04/2021$0-$5k$0-$5knestie Prototype code injectionNot Defined
 
 
0.50CVE-2021-25947
06/04/2021$0-$5k$0-$5kJohnson Controls Metasys Server File System privileges managementNot Defined
 
 
0.06CVE-2021-27657
06/04/2021$0-$5k$0-$5kAOMedia libaom noise_model.c buffer overflowNot Defined
 
 
0.13CVE-2021-30475
06/04/2021$0-$5k$0-$5kOpenVPN Access Server Authentication Token unusual conditionNot Defined
 
 
0.05CVE-2020-36382
06/04/2021$0-$5k$0-$5kOBottle t.php unknown vulnerabilityNot Defined
 
 
0.10CVE-2020-36008
06/04/2021$0-$5k$0-$5kBloofoxCMS Content-Type unrestricted uploadNot Defined
 
 
0.06CVE-2020-36141
06/04/2021$0-$5k$0-$5kBackstage techdocs-common command injectionNot Defined
 
 
0.07CVE-2021-32660
06/04/2021$0-$5k$0-$5kTechdocs Plugin Deployment command injectionNot Defined
 
 
0.06CVE-2021-32661
06/04/2021$0-$5k$0-$5kForeman Proxy ca.conf authorizationNot Defined
 
 
0.00CVE-2021-3469
06/04/2021$0-$5k$0-$5kAppCMS download_frame.php sql injectionNot Defined
 
 
0.05CVE-2020-36004
06/04/2021$0-$5k$0-$5kYzmCMS Background Collection Management server-side request forgeryNot Defined
 
 
0.00CVE-2020-35970
06/04/2021$0-$5k$0-$5kBackstage TechDocs Documentation path traversalNot Defined
 
 
0.12CVE-2021-32662
06/04/2021$0-$5k$0-$5kWire Conversation Verification insufficient verification of data authenticityNot Defined
 
 
0.06CVE-2021-32665
06/04/2021$0-$5k$0-$5kSOGo SAML Assertion signature verificationNot Defined
 
 
0.12CVE-2021-33054
06/04/2021$0-$5k$0-$5kBloofoxCMS Parameter pathname traversalNot Defined
 
 
0.00CVE-2020-36142

Might our Artificial Intelligence support you?

Check our Alexa App!