Live Archive

Timeframe: 02/26/2021 10:35 AM - 02/28/2021 10:35 AM (44 Entries)
Next Refresh: 02/28/2021 11:35 AM

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

🔴 CTI Activities »

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
02/27/20215.55.5SerComm Combo VD625 HTTP Header injection$0-$5k$0-$5kNot DefinedNot Defined4.21-CVE-2021-27132
02/27/20215.55.5SaltStack Salt SSH Client os command injection$0-$5k$0-$5kNot DefinedOfficial Fix4.34CVE-2021-3197
02/27/20213.53.5i-doit cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix4.27CVE-2021-3151
02/27/20215.55.5SaltStack Salt API thin.py salt.utils.thin.gen_thin command injection$0-$5k$0-$5kNot DefinedOfficial Fix3.69CVE-2021-3148
02/27/20215.55.5SaltStack Salt eauth Token unknown vulnerability$0-$5k$0-$5kNot DefinedOfficial Fix4.53CVE-2021-3144
02/27/20214.04.0wpa_supplicant P2P Provision Discovery Request p2p_pd.c denial of service$0-$5k$0-$5kNot DefinedOfficial Fix3.49CVE-2021-27803
02/27/20215.55.5Zint Barcode Generator C API upcean.c ean_leading_zeroes buffer overflow$0-$5k$0-$5kNot DefinedOfficial Fix2.46CVE-2021-27799
02/27/20217.37.3Visualware MyConnection Server Web Service unrestricted upload$0-$5k$0-$5kNot DefinedNot Defined2.20CVE-2021-27198
02/27/20216.36.3Synology DiskStation Manager faad path traversal$0-$5k$0-$5kNot DefinedOfficial Fix2.78CVE-2021-26567
02/27/20215.65.6Synology DiskStation Manager synorelayd insertion of sensitive information into sent data$0-$5k$0-$5kNot DefinedOfficial Fix10.00CVE-2021-26566
02/27/20213.73.7Synology DiskStation Manager HTTP Session cleartext transmission$0-$5k$0-$5kNot DefinedOfficial Fix3.06CVE-2021-26565
02/27/20213.13.1Synology DiskStation Manager HTTP Session channel accessible$0-$5k$0-$5kNot DefinedOfficial Fix3.13CVE-2021-26564
02/27/20213.33.3Synology DiskStation Manager Kernel Module access control$0-$5k$0-$5kNot DefinedOfficial Fix3.15CVE-2021-26563
02/27/20218.18.1Synology DiskStation Manager HTTP Header out-of-bounds write$0-$5k$0-$5kNot DefinedOfficial Fix2.89CVE-2021-26562
02/27/20218.18.1Synology DiskStation Manager HTTP Header stack-based overflow$0-$5k$0-$5kNot DefinedOfficial Fix2.95CVE-2021-26561
02/27/20213.73.7Synology DiskStation Manager HTTP Session channel accessible$0-$5k$0-$5kNot DefinedOfficial Fix3.24CVE-2021-26560
02/27/20213.53.5SaltStack Salt salt.modules.cmdmod log file$0-$5k$0-$5kNot DefinedOfficial Fix2.91CVE-2021-25284
02/27/20215.55.5SaltStack Salt Jinja Renderer injection$0-$5k$0-$5kNot DefinedOfficial Fix2.47CVE-2021-25283
02/27/20215.55.5SaltStack Salt salt.wheel.pillar_roots.write pathname traversal$0-$5k$0-$5kNot DefinedOfficial Fix2.52CVE-2021-25282
02/27/20216.36.3SaltStack Salt salt-api Remote Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix2.49CVE-2021-25281
02/27/20217.37.3Redis integer overflow$0-$5k$0-$5kNot DefinedOfficial Fix2.39CVE-2021-21309
02/27/20217.17.1PrestaShop Soft Logout System improper authentication$0-$5k$0-$5kNot DefinedOfficial Fix3.02CVE-2021-21308
02/27/20216.36.3PrestaShop Admin Panel csv injection$0-$5k$0-$5kNot DefinedOfficial Fix3.02CVE-2021-21302
02/27/20217.87.8Google Android cameraisp out-of-bounds write$25k-$100k$5k-$25kNot DefinedOfficial Fix3.15CVE-2021-0406
02/27/20217.87.8Google Android Performance Driver out-of-bounds write$25k-$100k$5k-$25kNot DefinedOfficial Fix3.05CVE-2021-0405
02/27/20213.33.3Google Android mobile_log_d information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix2.93CVE-2021-0404
02/27/20213.33.3Google Android netdiag information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix2.96CVE-2021-0403
02/27/20217.87.8Google Android jpeg out-of-bounds write$25k-$100k$5k-$25kNot DefinedOfficial Fix2.75CVE-2021-0402
02/27/20217.87.8Google Android vow memory corruption$25k-$100k$5k-$25kNot DefinedOfficial Fix2.84CVE-2021-0401
02/27/20217.87.8Google Android vpu memory corruption$25k-$100k$5k-$25kNot DefinedOfficial Fix3.06CVE-2021-0367
02/27/20217.87.8Google Android vpu memory corruption$25k-$100k$5k-$25kNot DefinedOfficial Fix2.81CVE-2021-0366
02/27/20216.36.3Zenphoto CMS Uploader Plugin unrestricted upload$0-$5k$0-$5kNot DefinedNot Defined2.14CVE-2020-36079
02/27/20215.65.6SaltStack Salt certificate validation$0-$5k$0-$5kNot DefinedOfficial Fix2.36CVE-2020-35662
02/27/20215.65.6SaltStack Salt certificate validation$0-$5k$0-$5kNot DefinedOfficial Fix2.46CVE-2020-28972
02/27/20215.35.3SaltStack Salt Process Name command injection$0-$5k$0-$5kNot DefinedOfficial Fix2.36CVE-2020-28243
02/27/20214.34.3GNU C Library Mutlibyte iconv infinite loop$0-$5k$0-$5kNot DefinedNot Defined2.01CVE-2020-27618
02/27/20213.53.5Eclipse Jetty Accept Header algorithmic complexity$0-$5k$0-$5kNot DefinedNot Defined2.33CVE-2020-27223
02/27/20214.34.3Scytl sVote X-Forwarded-For Header injection$0-$5k$0-$5kNot DefinedNot Defined2.17CVE-2019-25023
02/27/20215.55.5Scytl sVote Event Alias Runtime.getRuntime.exec code injection$0-$5k$0-$5kNot DefinedNot Defined1.96CVE-2019-25022
02/27/20216.36.3Scytl sVote Database Manager hard-coded password$0-$5k$0-$5kNot DefinedNot Defined3.05CVE-2019-25021
02/27/20214.34.3Scytl sVote sdm-ws-rest API preconfiguration improper authentication$0-$5k$0-$5kNot DefinedWorkaround1.91CVE-2019-25020
02/27/20213.53.3OpenText Content Server cross site scripting$0-$5k$0-$5kProof-of-ConceptNot Defined3.09CVE-2021-3010
02/27/20216.36.3LMA ISIDA Retriever sql injection$0-$5k$0-$5kNot DefinedNot Defined2.66CVE-2021-26904
02/27/20213.53.5LMA ISIDA Retriever cross site scripting$0-$5k$0-$5kNot DefinedNot Defined1.88CVE-2021-26903

Want to stay up to date on a daily basis?

Enable the mail alert feature now!