Exploits 06/10/2021info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
06/10/2021$25k-$100k$5k-$25kGoogle Chrome BFCache use after freeNot Defined
 
 
1.39CVE-2021-30544
06/10/2021$25k-$100k$5k-$25kGoogle Chrome ANGLE out-of-bounds writeNot Defined
 
 
0.50CVE-2021-30547
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Accessibility use after freeNot Defined
 
 
0.79CVE-2021-30550
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Extension use after freeNot Defined
 
 
0.79CVE-2021-30552
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Extension use after freeNot Defined
 
 
0.79CVE-2021-30545
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Autofill use after freeNot Defined
 
 
0.79CVE-2021-30546
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Loader use after freeNot Defined
 
 
0.99CVE-2021-30548
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Spell Check use after freeNot Defined
 
 
0.69CVE-2021-30549
06/10/2021$25k-$100k$5k-$25kGoogle Chrome Network Service use after freeNot Defined
 
 
0.79CVE-2021-30553
06/10/2021$25k-$100k$5k-$25kGoogle Chrome V8 type confusionNot Defined
 
 
7.83CVE-2021-30551
06/10/2021$25k-$100k$5k-$25kApache HTTP Server mod_session heap-based overflowNot Defined
 
 
0.69CVE-2021-26691
06/10/2021$25k-$100k$5k-$25kApache HTTP Server mod_auth_digest stack-based overflowNot Defined
 
 
0.40CVE-2020-35452
06/10/2021$25k-$100k$5k-$25kApache HTTP Server MergeSlashes Remote Code ExecutionNot Defined
 
 
0.79CVE-2021-30641
06/10/2021$5k-$25k$5k-$25kApache HTTP Server mod_proxy_wstunnel improper authenticationNot Defined
 
 
0.69CVE-2019-17567
06/10/2021$5k-$25k$5k-$25kSAP Internet Graphics Service IGS Request freeMemory memory corruptionNot Defined
 
 
0.54CVE-2021-27625
06/10/2021$5k-$25k$5k-$25kSAP Internet Graphics Service IGS Request Parse memory corruptionNot Defined
 
 
0.41CVE-2021-27626
06/10/2021$5k-$25k$5k-$25kSAP Internet Graphics Service IGS Request DoIt memory corruptionNot Defined
 
 
0.44CVE-2021-27627
06/10/2021$5k-$25k$0-$5kIntel Core/Pentium/Celeron/Atom VT-d Local Privilege EscalationNot Defined
 
 
0.10CVE-2020-24489
06/10/2021$5k-$25k$0-$5kIntel Server BoardM10JNP2SB buffer overflowNot Defined
 
 
0.16CVE-2021-0101
06/10/2021$5k-$25k$0-$5kMcAfee GetSusp Driver File out-of-bounds writeNot Defined
 
 
0.00CVE-2021-31837
06/10/2021$5k-$25k$5k-$25kSAP SCIMono ldap injectionNot Defined
 
 
0.43CVE-2021-33668
06/10/2021$5k-$25k$0-$5kF5 BIG-IP APM/BIG-IP APM Clients Windows Installer Service permissionNot Defined
 
 
1.19CVE-2021-23022
06/10/2021$5k-$25k$0-$5kMcAfee Agent MA Event Folder privileges managementNot Defined
 
 
1.29CVE-2021-31839
06/10/2021$5k-$25k$0-$5kIntel Server Board M10JNP2SB BMC Firmware out-of-bounds writeNot Defined
 
 
0.07CVE-2021-0113
06/10/2021$5k-$25k$0-$5kIntel Server Board M10JNP2SB input validationNot Defined
 
 
0.16CVE-2021-0070
06/10/2021$5k-$25k$0-$5kSuSE Linux Enterprise Server default permissionNot Defined
 
 
0.89CVE-2021-31998
06/10/2021$5k-$25k$5k-$25kSAP Manufacturing Execution HTTP Response security check for standardNot Defined
 
 
0.60CVE-2021-27615
06/10/2021$5k-$25k$0-$5kIntel Server Boards/Server System/Compute Modules BMC Firmware buffer overflowNot Defined
 
 
0.19CVE-2020-24474
06/10/2021$5k-$25k$0-$5kMcAfee Agent uncontrolled search pathNot Defined
 
 
1.49CVE-2021-31840
06/10/2021$5k-$25k$0-$5kIntel Core/Xeon initializationNot Defined
 
 
1.23CVE-2020-12357
06/10/2021$5k-$25k$5k-$25kIntel PROSet/Wireless WiFi permissionNot Defined
 
 
0.10CVE-2021-0105
06/10/2021$5k-$25k$0-$5kF5 BIG-IP APM/BIG-IP APM Clients Windows Installer cachecleaner.dll uncontrolled search pathNot Defined
 
 
0.96CVE-2021-23023
06/10/2021$5k-$25k$0-$5kApache HTTP Server mod_proxy_http null pointer dereferenceNot Defined
 
 
0.69CVE-2020-13950
06/10/2021$5k-$25k$0-$5kApache HTTP Server mod_session null pointer dereferenceNot Defined
 
 
0.89CVE-2021-26690
06/10/2021$5k-$25k$0-$5kIntel Core/Xeon Firmware input validationNot Defined
 
 
0.00CVE-2020-8700
06/10/2021$5k-$25k$0-$5kIntel Server Board/Server System/Compute Module BMC Firmware out-of-bounds writeNot Defined
 
 
0.45CVE-2020-24473
06/10/2021$5k-$25k$0-$5kApache HTTP Server denial of serviceNot Defined
 
 
1.39CVE-2020-13938
06/10/2021$5k-$25k$5k-$25kIntel NUC System Firmware buffer overflowNot Defined
 
 
0.89CVE-2021-0054
06/10/2021$5k-$25k$0-$5kIntel CSME Subsystem buffer overflowNot Defined
 
 
0.46CVE-2020-8703
06/10/2021$5k-$25k$0-$5kIntel DSA Link Local Privilege EscalationNot Defined
 
 
0.69CVE-2021-0094
06/10/2021$5k-$25k$0-$5kIntel Core/Xeon Control Flow Management control flowNot Defined
 
 
0.10CVE-2020-12359
06/10/2021$5k-$25k$0-$5kIntel Security Library Key Exchange improper authenticationNot Defined
 
 
0.10CVE-2021-0133
06/10/2021$5k-$25k$0-$5kIntel Server Board M10JNP2S BMC Firmware path traversalNot Defined
 
 
0.16CVE-2021-0097
06/10/2021$5k-$25k$5k-$25kSAP Mobile SDK Certificate Provider temp fileNot Defined
 
 
0.87CVE-2021-33669
06/10/2021$5k-$25k$5k-$25kIntel NUC System Firmware access controlNot Defined
 
 
0.30CVE-2021-0067
06/10/2021$5k-$25k$0-$5kIntel SPS Control Flow Management control flowNot Defined
 
 
0.49CVE-2020-24509
06/10/2021$5k-$25k$0-$5kIntel Processor Diagnostic Tool uncontrolled search pathNot Defined
 
 
0.37CVE-2020-8702
06/10/2021$5k-$25k$0-$5kIntel Computing Improvement Program access controlNot Defined
 
 
1.07CVE-2021-0052
06/10/2021$5k-$25k$0-$5kIntel NUC 9 Extreme Laptop Kit LAN Driver permissionNot Defined
 
 
0.40CVE-2021-0055
06/10/2021$5k-$25k$0-$5kIntel NUC M15 Laptop Kit Driver Pack permissionNot Defined
 
 
0.59CVE-2021-0056

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!