Live Archive

Timeframe: 02/26/2021 10:35 AM - 02/28/2021 10:35 AM (44 Entries)

Next Refresh: 02/28/2021 11:35 AM

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

🔴 CTI Activities »

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Published	Base	Temp	Vulnerability	0day	Today	Exp	Rem	CTI	CVE
02/27/2021	5.5	5.5	SerComm Combo VD625 HTTP Header injection	$0-$5k	$0-$5k	Not Defined	Not Defined	4.21-	CVE-2021-27132
02/27/2021	5.5	5.5	SaltStack Salt SSH Client os command injection	$0-$5k	$0-$5k	Not Defined	Official Fix	4.34	CVE-2021-3197
02/27/2021	3.5	3.5	i-doit cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	4.27	CVE-2021-3151
02/27/2021	5.5	5.5	SaltStack Salt API thin.py salt.utils.thin.gen_thin command injection	$0-$5k	$0-$5k	Not Defined	Official Fix	3.69	CVE-2021-3148
02/27/2021	5.5	5.5	SaltStack Salt eauth Token unknown vulnerability	$0-$5k	$0-$5k	Not Defined	Official Fix	4.53	CVE-2021-3144
02/27/2021	4.0	4.0	wpa_supplicant P2P Provision Discovery Request p2p_pd.c denial of service	$0-$5k	$0-$5k	Not Defined	Official Fix	3.49	CVE-2021-27803
02/27/2021	5.5	5.5	Zint Barcode Generator C API upcean.c ean_leading_zeroes buffer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	2.46	CVE-2021-27799
02/27/2021	7.3	7.3	Visualware MyConnection Server Web Service unrestricted upload	$0-$5k	$0-$5k	Not Defined	Not Defined	2.20	CVE-2021-27198
02/27/2021	6.3	6.3	Synology DiskStation Manager faad path traversal	$0-$5k	$0-$5k	Not Defined	Official Fix	2.78	CVE-2021-26567
02/27/2021	5.6	5.6	Synology DiskStation Manager synorelayd insertion of sensitive information into sent data	$0-$5k	$0-$5k	Not Defined	Official Fix	10.00	CVE-2021-26566
02/27/2021	3.7	3.7	Synology DiskStation Manager HTTP Session cleartext transmission	$0-$5k	$0-$5k	Not Defined	Official Fix	3.06	CVE-2021-26565
02/27/2021	3.1	3.1	Synology DiskStation Manager HTTP Session channel accessible	$0-$5k	$0-$5k	Not Defined	Official Fix	3.13	CVE-2021-26564
02/27/2021	3.3	3.3	Synology DiskStation Manager Kernel Module access control	$0-$5k	$0-$5k	Not Defined	Official Fix	3.15	CVE-2021-26563
02/27/2021	8.1	8.1	Synology DiskStation Manager HTTP Header out-of-bounds write	$0-$5k	$0-$5k	Not Defined	Official Fix	2.89	CVE-2021-26562
02/27/2021	8.1	8.1	Synology DiskStation Manager HTTP Header stack-based overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	2.95	CVE-2021-26561
02/27/2021	3.7	3.7	Synology DiskStation Manager HTTP Session channel accessible	$0-$5k	$0-$5k	Not Defined	Official Fix	3.24	CVE-2021-26560
02/27/2021	3.5	3.5	SaltStack Salt salt.modules.cmdmod log file	$0-$5k	$0-$5k	Not Defined	Official Fix	2.91	CVE-2021-25284
02/27/2021	5.5	5.5	SaltStack Salt Jinja Renderer injection	$0-$5k	$0-$5k	Not Defined	Official Fix	2.47	CVE-2021-25283
02/27/2021	5.5	5.5	SaltStack Salt salt.wheel.pillar_roots.write pathname traversal	$0-$5k	$0-$5k	Not Defined	Official Fix	2.52	CVE-2021-25282
02/27/2021	6.3	6.3	SaltStack Salt salt-api Remote Privilege Escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	2.49	CVE-2021-25281
02/27/2021	7.3	7.3	Redis integer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	2.39	CVE-2021-21309
02/27/2021	7.1	7.1	PrestaShop Soft Logout System improper authentication	$0-$5k	$0-$5k	Not Defined	Official Fix	3.02	CVE-2021-21308
02/27/2021	6.3	6.3	PrestaShop Admin Panel csv injection	$0-$5k	$0-$5k	Not Defined	Official Fix	3.02	CVE-2021-21302
02/27/2021	7.8	7.8	Google Android cameraisp out-of-bounds write	$25k-$100k	$5k-$25k	Not Defined	Official Fix	3.15	CVE-2021-0406
02/27/2021	7.8	7.8	Google Android Performance Driver out-of-bounds write	$25k-$100k	$5k-$25k	Not Defined	Official Fix	3.05	CVE-2021-0405
02/27/2021	3.3	3.3	Google Android mobile_log_d information disclosure	$5k-$25k	$0-$5k	Not Defined	Official Fix	2.93	CVE-2021-0404
02/27/2021	3.3	3.3	Google Android netdiag information disclosure	$5k-$25k	$0-$5k	Not Defined	Official Fix	2.96	CVE-2021-0403
02/27/2021	7.8	7.8	Google Android jpeg out-of-bounds write	$25k-$100k	$5k-$25k	Not Defined	Official Fix	2.75	CVE-2021-0402
02/27/2021	7.8	7.8	Google Android vow memory corruption	$25k-$100k	$5k-$25k	Not Defined	Official Fix	2.84	CVE-2021-0401
02/27/2021	7.8	7.8	Google Android vpu memory corruption	$25k-$100k	$5k-$25k	Not Defined	Official Fix	3.06	CVE-2021-0367
02/27/2021	7.8	7.8	Google Android vpu memory corruption	$25k-$100k	$5k-$25k	Not Defined	Official Fix	2.81	CVE-2021-0366
02/27/2021	6.3	6.3	Zenphoto CMS Uploader Plugin unrestricted upload	$0-$5k	$0-$5k	Not Defined	Not Defined	2.14	CVE-2020-36079
02/27/2021	5.6	5.6	SaltStack Salt certificate validation	$0-$5k	$0-$5k	Not Defined	Official Fix	2.36	CVE-2020-35662
02/27/2021	5.6	5.6	SaltStack Salt certificate validation	$0-$5k	$0-$5k	Not Defined	Official Fix	2.46	CVE-2020-28972
02/27/2021	5.3	5.3	SaltStack Salt Process Name command injection	$0-$5k	$0-$5k	Not Defined	Official Fix	2.36	CVE-2020-28243
02/27/2021	4.3	4.3	GNU C Library Mutlibyte iconv infinite loop	$0-$5k	$0-$5k	Not Defined	Not Defined	2.01	CVE-2020-27618
02/27/2021	3.5	3.5	Eclipse Jetty Accept Header algorithmic complexity	$0-$5k	$0-$5k	Not Defined	Not Defined	2.33	CVE-2020-27223
02/27/2021	4.3	4.3	Scytl sVote X-Forwarded-For Header injection	$0-$5k	$0-$5k	Not Defined	Not Defined	2.17	CVE-2019-25023
02/27/2021	5.5	5.5	Scytl sVote Event Alias Runtime.getRuntime.exec code injection	$0-$5k	$0-$5k	Not Defined	Not Defined	1.96	CVE-2019-25022
02/27/2021	6.3	6.3	Scytl sVote Database Manager hard-coded password	$0-$5k	$0-$5k	Not Defined	Not Defined	3.05	CVE-2019-25021
02/27/2021	4.3	4.3	Scytl sVote sdm-ws-rest API preconfiguration improper authentication	$0-$5k	$0-$5k	Not Defined	Workaround	1.91	CVE-2019-25020
02/27/2021	3.5	3.3	OpenText Content Server cross site scripting	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	3.09	CVE-2021-3010
02/27/2021	6.3	6.3	LMA ISIDA Retriever sql injection	$0-$5k	$0-$5k	Not Defined	Not Defined	2.66	CVE-2021-26904
02/27/2021	3.5	3.5	LMA ISIDA Retriever cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	1.88	CVE-2021-26903

◂ Previous OverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!