Live Archive

Timeframe: 11/25/2020 01:24 PM - 11/26/2020 01:24 PM (14 Entries)
Next Refresh: 11/26/2020 02:24 PM

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

🔴 CTI Activities »

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
11/26/20205.55.5petl XML Document unknown vulnerability$0-$5k$0-$5kNot DefinedOfficial Fix2.24+CVE-2020-29128
11/26/20207.37.3FactoryTalk Linx Address Space Layout Randomization heap-based buffer overflow$0-$5k$0-$5kNot DefinedNot Defined3.96+CVE-2020-27255
11/26/20205.35.3FactoryTalk Linx Check Routine denial of service$0-$5k$0-$5kNot DefinedNot Defined4.09+CVE-2020-27253
11/26/20207.37.3Rockwell Automation FactoryTalk Linx Port Range heap-based buffer overflow$0-$5k$0-$5kNot DefinedNot Defined4.54CVE-2020-27251
11/26/20205.55.5spice-vdagentd Client Connection race condition$0-$5k$0-$5kNot DefinedNot Defined4.28CVE-2020-25653
11/26/20203.33.3spice-vdagentd Unix Domain Socket spice-vdagent-sock allocation of resources$0-$5k$0-$5kNot DefinedNot Defined3.45CVE-2020-25652
11/26/20205.55.5spice-vdagent File Transfer race condition$0-$5k$0-$5kNot DefinedNot Defined4.03CVE-2020-25651
11/26/20205.55.5x11vnc shmget Call scan.c access control$0-$5k$0-$5kNot DefinedOfficial Fix4.86CVE-2020-29074
11/26/20203.53.5osCommerce Newsletter cross site scripting$0-$5k$0-$5kNot DefinedNot Defined4.28CVE-2020-29070
11/26/20205.35.1Nanopb Message memory corruption$0-$5k$0-$5kNot DefinedOfficial Fix4.28CVE-2020-26243
11/26/20204.34.3GLPI caldav.php authorization$0-$5k$0-$5kNot DefinedOfficial Fix4.09CVE-2020-26212
11/26/20205.55.5spice-vdagentd File Transfer spice-vdagent-sock allocation of resources$0-$5k$0-$5kNot DefinedNot Defined3.78CVE-2020-25650
11/26/20204.34.3Atlassian Fisheye/Crucible MessageBundleResource denial of service$0-$5k$0-$5kNot DefinedOfficial Fix4.10CVE-2020-14191
11/26/20204.34.3Atlassian Fisheye/Crucible EyeQL incorrect regex$0-$5k$0-$5kNot DefinedOfficial Fix3.91CVE-2020-14190

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!