CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

Exploit 0-day

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price of an exploit before it was distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipate their activities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailing lists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified as offensive or defensive. They are also weighted, as some actors are well-known for certain products and technologies, and some of their disclosures might contain more or less detail about technical aspects and personal context. The world map highlights active actors in real-time.

| Published | Base | Temp | Vulnerability | 0-day | Today | Exploit | Remediation | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 12/09/2022 | 4.4 | 4.3 | JetBrains IntelliJ IDEA Custom Plugin xml external entity reference | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.21 | CVE-2022-46827 |
| 12/09/2022 | 4.4 | 4.4 | TinyMCE cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.05 | CVE-2022-23494 |
| 12/09/2022 | 2.7 | 2.6 | Brocade SANnav debug log file | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.07 | CVE-2022-33187 |
| 12/09/2022 | 5.3 | 5.2 | lirantal daloradius unknown vulnerability | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.07 | CVE-2022-4366 |
| 12/09/2022 | 3.4 | 3.4 | JetBrains TeamCity STS Endpoint server-side request forgery | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.07 | CVE-2022-46830 |
| 12/09/2022 | 6.0 | 5.9 | JetBrains Gateway improper authentication | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.01 | CVE-2022-46829 |
| 12/09/2022 | 5.3 | 5.1 | JetBrains IntelliJ IDEA DYLIB injection | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.01 | CVE-2022-46828 |
| 12/09/2022 | 4.7 | 4.7 | JetBrains IntelliJ IDEA Built-In Web Server path traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.03 | CVE-2022-46826 |
| 12/09/2022 | 3.6 | 3.6 | JetBrains IntelliJ IDEA Built-In Web Server information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.93 | CVE-2022-46825 |
| 12/09/2022 | 5.0 | 4.9 | JetBrains IntelliJ IDEA fsnotifier Daemon buffer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.03 | CVE-2022-46824 |
| 12/09/2022 | 3.5 | 3.4 | DHIS cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.01 | CVE-2022-41947 |
| 12/09/2022 | 3.7 | 3.7 | SeedDMS Reset Token Generation excessive authentication | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.89 | CVE-2022-44938 |
| 12/09/2022 | 3.5 | 3.5 | Teleport Web Interface get-role-list information disclosure | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.89 | CVE-2022-38599 |
| 12/09/2022 | 3.5 | 3.2 | S-CMS Contact Information Page cross site scripting | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.34 | CVE-2022-4377 |
| 12/09/2022 | 6.3 | 5.7 | Mingsoft MCMS list sql injection | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 1.13 | CVE-2022-4375 |
| 12/09/2022 | 5.3 | 5.3 | Google Go net-http memory allocation | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.99 | CVE-2022-41717 |
| 12/09/2022 | 3.5 | 3.5 | Secustation Camera information disclosure | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.96 | CVE-2022-40939 |
| 12/09/2022 | 6.3 | 6.3 | Canon Medical Informatics Vitrea Vision search access control | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.99 | CVE-2022-38765 |
| 12/09/2022 | 7.3 | 7.3 | Brocade Fabric OS Remote Code Execution | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.11 | CVE-2022-33186 |
| 12/09/2022 | 5.3 | 5.1 | Yauaa Client Hints Analysis exceptional condition | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.03 | CVE-2022-23496 |
| 12/09/2022 | 5.7 | 5.6 | DHIS HTTP PUT Request privileges management | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.52 | CVE-2022-41948 |
| 12/09/2022 | 6.4 | 6.3 | go-merkledag DAGService Interface exceptional condition | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.18 | CVE-2022-23495 |
| 12/09/2022 | 4.6 | 4.5 | DHIS server-side request forgery | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.07 | CVE-2022-41949 |
| 12/09/2022 | 5.6 | 5.6 | JetBrains TeamCity Default Credential Provider Chain variable initialization | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.07 | CVE-2022-46831 |

