Exploits 10/12/2021info

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Lang »

The automatization and the exploitation of a security vulnerability is called an exploit. It is possible to determine the popularity and availability of programming languages used for creating such exploits.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Published0dayTodayTrVulnerabilityExpLangURLCTICVE
10/12/2021$100k and more$25k-$100kMicrosoft Windows Print Spooler Remote Code ExecutionFunctional
 
 
5.93CVE-2021-36970
10/12/2021$100k and more$25k-$100kMicrosoft Windows Text Shaping Remote Code ExecutionUnproven
 
 
0.81CVE-2021-40465
10/12/2021$100k and more$25k-$100kMicrosoft Windows Common Log File System Driver Privilege EscalationUnproven
 
 
0.53CVE-2021-40467
10/12/2021$100k and more$25k-$100kMicrosoft Windows Common Log File System Driver Privilege EscalationUnproven
 
 
0.33CVE-2021-40443
10/12/2021$100k and more$25k-$100kMicrosoft Windows Win32k Privilege EscalationFunctional
 
 
10.00CVE-2021-40449
10/12/2021$100k and more$25k-$100kMicrosoft Windows Win32k Privilege EscalationUnproven
 
 
0.77CVE-2021-40450
10/12/2021$100k and more$25k-$100kMicrosoft Windows Common Log File System Driver Privilege EscalationUnproven
 
 
0.16CVE-2021-40466
10/12/2021$100k and more$25k-$100kMicrosoft Windows DirectX Graphics Privilege EscalationUnproven
 
 
0.41CVE-2021-40470
10/12/2021$100k and more$25k-$100kMicrosoft Windows AppContainer Privilege EscalationProof-of-Concept
 
 
0.53CVE-2021-40476
10/12/2021$100k and more$25k-$100kMicrosoft Windows Event Tracing Privilege EscalationUnproven
 
 
0.41CVE-2021-40477
10/12/2021$100k and more$25k-$100kMicrosoft Windows Storage Spaces Controller Privilege EscalationUnproven
 
 
0.33CVE-2021-40478
10/12/2021$100k and more$25k-$100kMicrosoft Windows Storage Spaces Controller Privilege EscalationUnproven
 
 
0.45CVE-2021-40488
10/12/2021$100k and more$25k-$100kMicrosoft Windows Storage Spaces Controller Privilege EscalationUnproven
 
 
0.37CVE-2021-40489
10/12/2021$100k and more$25k-$100kMicrosoft Windows Kernel Privilege EscalationProof-of-Concept
 
 
3.04CVE-2021-41335
10/12/2021$100k and more$25k-$100kMicrosoft Windows Storage Spaces Controller Privilege EscalationUnproven
 
 
0.49CVE-2021-41345
10/12/2021$100k and more$25k-$100kMicrosoft Windows AppX Deployment Service Privilege EscalationUnproven
 
 
0.61CVE-2021-41347
10/12/2021$100k and more$25k-$100kMicrosoft Windows Win32k Privilege EscalationFunctional
 
 
1.26CVE-2021-41357
10/12/2021$100k and more$25k-$100kMicrosoft Windows Hyper-V Privilege EscalationUnproven
 
 
2.89CVE-2021-38672
10/12/2021$100k and more$25k-$100kMicrosoft Windows Hyper-V Privilege EscalationUnproven
 
 
2.40CVE-2021-40461
10/12/2021$25k-$100k$25k-$100kMicrosoft Windows HTTP.sys Privilege EscalationUnproven
 
 
0.89CVE-2021-26442
10/12/2021$25k-$100k$25k-$100kMicrosoft Windows Desktop Bridge Privilege EscalationUnproven
 
 
0.77CVE-2021-41334
10/12/2021$25k-$100k$25k-$100kMicrosoft Windows Graphics Privilege EscalationUnproven
 
 
0.81CVE-2021-41340
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows DNS Server Privilege EscalationProof-of-Concept
 
 
10.00CVE-2021-40469
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Nearby Sharing Privilege EscalationUnproven
 
 
0.69CVE-2021-40464
10/12/2021$25k-$100k$5k-$25kApple iOS/iPadOS IOMobileFrameBuffer memory corruptionFunctional
 
 
10.00CVE-2021-30883
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Media Foundation Dolby Digital Atmos Decoder Remote Code ExecutionUnproven
 
 
0.69CVE-2021-40462
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Media Foundation Remote Code ExecutionUnproven
 
 
0.65CVE-2021-41330
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Server 2012 R2 (Server Core installation) Media Audio Decoder Remote Code ExecutionUnproven
 
 
0.69CVE-2021-41331
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows MSHTML Platform Remote Code ExecutionProof-of-Concept
 
 
1.02CVE-2021-41342
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Installer unknown vulnerabilityUnproven
 
 
0.94CVE-2021-40455
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Remote Procedure Call Runtime Privilege EscalationUnproven
 
 
1.60CVE-2021-40460
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Console Window Host Privilege EscalationUnproven
 
 
0.53CVE-2021-41346
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Active Directory Federation Server Privilege EscalationUnproven
 
 
1.54CVE-2021-41361
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Storage Spaces Controller Local Privilege EscalationUnproven
 
 
0.73CVE-2021-26441
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Active Directory Privilege EscalationUnproven
 
 
1.13CVE-2021-41337
10/12/2021$25k-$100k$5k-$25kMicrosoft Exchange Server Privilege EscalationUnproven
 
 
10.00CVE-2021-26427
10/12/2021$25k-$100k$5k-$25kMicrosoft Exchange Server Privilege EscalationUnproven
 
 
1.58CVE-2021-41348
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows AD FS information disclosureUnproven
 
 
0.77CVE-2021-40456
10/12/2021$25k-$100k$5k-$25kGoogle Android Bluetooth improper restriction of rendered ui layersProof-of-Concept
 
 
0.08CVE-2021-0583
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Rich Text Edit Control information disclosureFunctional
 
 
1.66CVE-2021-40454
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Fast FAT File System Driver information disclosureUnproven
 
 
0.73CVE-2021-38662
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows exFAT File System information disclosureUnproven
 
 
0.81CVE-2021-38663
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Cloud Files Mini Filter Driver information disclosureUnproven
 
 
0.41CVE-2021-40475
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Bind Filter Driver information disclosureUnproven
 
 
0.65CVE-2021-40468
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Print Spooler information disclosureUnproven
 
 
1.30CVE-2021-41332
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Kernel information disclosureUnproven
 
 
0.69CVE-2021-41336
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows AppContainer Firewall Rules information disclosureProof-of-Concept
 
 
2.92CVE-2021-41338
10/12/2021$25k-$100k$5k-$25kMicrosoft Windows Fast FAT File System Driver information disclosureUnproven
 
 
0.81CVE-2021-41343
10/12/2021$25k-$100k$5k-$25kMicrosoft SharePoint Server Privilege EscalationUnproven
 
 
0.97CVE-2021-41344
10/12/2021$25k-$100k$5k-$25kHPE 3PAR StoreServ code injectionNot Defined
 
 
0.53CVE-2021-26588

Might our Artificial Intelligence support you?

Check our Alexa App!