Live Archive

Timeframe: 09/26/2021 12:14 AM - 09/28/2021 12:14 AM (63 Entries)
Next Refresh: 09/28/2021 01:14 AM

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

Exploit 0-day

The moderation team works with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price of an exploit before it is distributed or becomes public. Calculated prices are aligned with prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipate their activities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailing lists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified as offensive or defensive. They are also weighted, as some actors are well known for certain products and technologies, and some of their disclosures contain more or less detail about technical aspects and personal context. The world map highlights active actors in real time.

| Published | Base | Temp | Vulnerability | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 09/27/2021 | 6.3 | 6.0 | Zoom Client for Meetings Installer access control | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.03+ | CVE-2021-34412 |
| 09/27/2021 | 6.3 | 6.0 | Zoom Rooms for Conference Room Installer access control | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.58+ | CVE-2021-34411 |
| 09/27/2021 | 6.3 | 6.0 | Zoom Client for Meetings Installation access control | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.55+ | CVE-2021-34408 |
| 09/27/2021 | 4.6 | 4.4 | SKALE sgxwallet trustedEcdsaSign initialization | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.70 | CVE-2021-36219 |
| 09/27/2021 | 5.5 | 5.3 | SKALE sgxwallet sgx_disp_ippsAES_GCMEncrypt out-of-bounds write | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.67 | CVE-2021-36218 |
| 09/27/2021 | 4.7 | 4.5 | Zoom On-Premise Meeting Connector Controller os command injection | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.70 | CVE-2021-34416 |
| 09/27/2021 | 4.3 | 4.1 | Zoom On-Premise Meeting Connector Controller Zone Controller Service resource consumption | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.70 | CVE-2021-34415 |
| 09/27/2021 | 4.7 | 4.5 | Zoom On-Premise Meeting Connector Controller Network Proxy Page os command injection | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.58 | CVE-2021-34414 |
| 09/27/2021 | 6.3 | 6.0 | Zoom Client for Meetings Installation access control | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.94 | CVE-2021-34409 |
| 09/27/2021 | 5.9 | 5.8 | ABB ControlTouch Firmware Update information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.43 | CVE-2021-22272 |
| 09/27/2021 | 6.3 | 6.0 | Zoho ManageEngine ADManager Plus Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.49 | CVE-2021-37539 |
| 09/27/2021 | 7.3 | 7.0 | Zoom Client for Meetings MSI File signature verification | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.55 | CVE-2021-33907 |
| 09/27/2021 | 4.3 | 4.3 | uListing Plugin Update Setting cross-site request forgery | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.49 | CVE-2021-36878 |
| 09/27/2021 | 3.5 | 3.5 | HPE StoreOnce cross site scripting | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.52 | CVE-2021-26587 |
| 09/27/2021 | 5.0 | 4.8 | Zoom Plugin for Microsoft Outlook Plugin Installation toctou | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.52 | CVE-2021-34413 |
| 09/27/2021 | 8.0 | 7.6 | Zoom Plugin for Microsoft Outlook Installation access control | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.04 | CVE-2021-34410 |
| 09/27/2021 | 4.3 | 4.1 | Firefly III cross-site request forgery | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61 | CVE-2021-3819 |
| 09/27/2021 | 4.2 | 4.0 | MediaTek MT6893 m4u use after free | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.58 | CVE-2021-0612 |
| 09/27/2021 | 4.2 | 4.0 | MediaTek MT6893 m4u use after free | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.55 | CVE-2021-0611 |
| 09/27/2021 | 5.3 | 5.1 | MediaTek MT6893 Memory Management Driver integer overflow | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.52 | CVE-2021-0610 |
| 09/27/2021 | 5.5 | 5.3 | MediaTek MT6893 Memory Management Driver resource consumption | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.58 | CVE-2021-0424 |
| 09/27/2021 | 3.3 | 3.2 | MediaTek MT6893 Memory Management Driver denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.55 | CVE-2021-0422 |
| 09/27/2021 | 3.5 | 3.4 | Concrete CMS Calendar save cross-site request forgery | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.64 | CVE-2021-40108 |
| 09/27/2021 | 4.3 | 4.1 | Concrete CMS Blog Comment cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.58 | CVE-2021-40106 |
| 09/27/2021 | 3.5 | 3.4 | Concrete CMS Markdown Comment cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.55 | CVE-2021-40105 |
| 09/27/2021 | 6.4 | 6.3 | nltk incorrect regex | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.64 | CVE-2021-3828 |
| 09/27/2021 | 5.3 | 5.2 | jsoneditor incorrect regex | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61 | CVE-2021-3822 |
| 09/27/2021 | 5.3 | 5.1 | inflect incorrect regex | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.55 | CVE-2021-3820 |
| 09/27/2021 | 6.3 | 6.1 | grav cookie validation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.46 | CVE-2021-3818 |
| 09/27/2021 | 5.5 | 5.3 | grav-plugin-admin improper restriction of rendered ui layers | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.49 | CVE-2021-3799 |
| 09/27/2021 | 5.5 | 5.5 | Oppo Battery Application Third-Party SDK Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.49 | CVE-2021-23243 |
| 09/27/2021 | 5.5 | 5.3 | Concrete CMS SVG Sanitizer Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61 | CVE-2021-40104 |
| 09/27/2021 | 5.5 | 5.3 | Concrete CMS path traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.76 | CVE-2021-40103 |
| 09/27/2021 | 3.3 | 3.2 | MediaTek MT6893 Memory Management Driver information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61 | CVE-2021-0425 |
| 09/27/2021 | 3.3 | 3.2 | MediaTek MT6893 Memory Management Driver information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.52 | CVE-2021-0423 |
| 09/27/2021 | 3.3 | 3.2 | MediaTek MT6893 Memory Management Driver information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.58 | CVE-2021-0421 |
| 09/27/2021 | 6.3 | 6.0 | Concrete CMS Upload File server-side request forgery | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.67 | CVE-2021-40109 |
| 09/27/2021 | 2.4 | 2.3 | MediaTek MT6779/MT6853/MT6873/MT6885 CCU out-of-bounds read | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.64 | CVE-2021-0660 |
| 09/27/2021 | 6.3 | 6.0 | Concrete CMS Regular Expression path traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61 | CVE-2021-40098 |
| 09/27/2021 | 6.3 | 6.0 | Concrete CMS Parameter path traversal | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.58 | CVE-2021-40097 |
| 09/27/2021 | 3.5 | 3.4 | F5 BIG-IP APM Resource Information Page cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.51 | CVE-2021-23054 |
| 09/27/2021 | 3.1 | 3.0 | Linux Kernel Timer Tree timerqueue.c timerqueue_add initialization | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.41 | CVE-2021-20317 |
| 09/27/2021 | 5.0 | 4.8 | Asus ROG Armoury Crate Lite GamingCenterLib uncontrolled search path | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.53 | CVE-2021-40981 |
| 09/27/2021 | 5.0 | 4.8 | passport-oauth2 OAuth Identity Provider improper authentication | $0-$5k | $0-$5k | Not Defined | Official Fix | 4.20 | CVE-2021-41580 |
| 09/27/2021 | 5.5 | 5.5 | Securonix SNYPR Third Party Intelligence Connector server-side request forgery | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.16 | CVE-2021-41385 |
| 09/27/2021 | 2.6 | 2.5 | Datalust Seq View Filter information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.25 | CVE-2021-41329 |
| 09/27/2021 | 5.5 | 5.3 | Webauthn Authenticator FIDO2 Authenticator access control | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.19 | CVE-2021-38299 |
| 09/27/2021 | 7.8 | 7.6 | Phoenix Contact PLCnext JSON Request denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.19 | CVE-2021-34570 |
| 09/27/2021 | 3.5 | 3.4 | furlongm openvpn-monitor Management Interface Socket command injection | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.86 | CVE-2021-31605 |
| 09/27/2021 | 3.5 | 3.4 | furlongm openvpn-monitor cross-site request forgery | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.16 | CVE-2021-31604 |
