Live Recent

Timeframe: 02/23/2021 09:19 PM - 02/24/2021 09:19 PM (60 Entries)

Next Refresh: 02/24/2021 10:19 PM

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

🔴 CTI Activities »

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Created	Status		Vulnerability	Base	0day	Exp	Rem	CTI	CVE
08:49 PM	approved	100%	Artifact Repository Parameter Plugin cross site scripting	3.5	$0-$5k	Not Defined	Not Defined	0.83+	CVE-2021-21622
08:48 PM	approved	100%	Jenkins Support Core Plugin insertion of sensitive information into sent data	4.3	$0-$5k	Not Defined	Not Defined	0.78+	CVE-2021-21621
08:48 PM	approved	100%	Claim Plugin cross-site request forgery	3.5	$0-$5k	Not Defined	Not Defined	0.83+	CVE-2021-21620
08:47 PM	approved	100%	Claim Plugin Display Name cross site scripting	3.5	$0-$5k	Not Defined	Not Defined	0.83+	CVE-2021-21619
08:46 PM	approved	100%	Repository Connector Plugin Permission cross site scripting	3.5	$0-$5k	Not Defined	Not Defined	0.83+	CVE-2021-21618
08:44 PM	approved	100%	Configuration Slicing Plugin cross-site request forgery	3.5	$0-$5k	Not Defined	Not Defined	0.89+	CVE-2021-21617
08:44 PM	approved	100%	Active Choices Plugin cross site scripting	3.5	$0-$5k	Not Defined	Not Defined	0.89+	CVE-2021-21616
08:41 PM	approved	100%	Helpcom hard-coded key	5.5	$0-$5k	Not Defined	Official Fix	1.16+	CVE-2020-7846
08:40 PM	approved	100%	Voiceye WSActiveBridgeES stack-based overflow	5.3	$0-$5k	Not Defined	Official Fix	1.05+	CVE-2020-7836
08:38 PM	approved	100%	IBM MQ Message denial of service	4.3	$0-$5k	Not Defined	Not Defined	1.11+	CVE-2020-4931
08:37 PM	approved	100%	Openscad STL File import_stl.cc import_stl stack-based overflow	6.3	$0-$5k	Not Defined	Not Defined	0.89+	CVE-2020-28599
08:36 PM	approved	100%	Eclipse Theia Markdown cross site scripting	3.5	$0-$5k	Not Defined	Not Defined	0.94+	CVE-2020-27224
08:35 PM	approved	100%	CoolKit eWeLink Quick Pairing Mode inadequate encryption	2.1	$0-$5k	Proof-of-Concept	Not Defined	0.94+	CVE-2020-12702
08:34 PM	approved	100%	Apache XmlGraphics Commons XMPParser server-side request forgery	5.5	$5k-$25k	Not Defined	Not Defined	1.00+	CVE-2020-11988
08:33 PM	approved	100%	Apache Batik NodePickerPanel server-side request forgery	5.5	$5k-$25k	Not Defined	Not Defined	0.89+	CVE-2020-11987
03:01 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 improper authentication	6.3	$0-$5k	Not Defined	Official Fix	2.94	CVE-2021-20662
03:00 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 pathname traversal	5.5	$0-$5k	Not Defined	Official Fix	2.94	CVE-2021-20661
03:00 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 cross site scripting	3.5	$0-$5k	Not Defined	Official Fix	2.83	CVE-2021-20660
03:00 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 PHP Script unrestricted upload	5.5	$0-$5k	Not Defined	Official Fix	2.89	CVE-2021-20659
02:59 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 Web Server os command injection	5.5	$0-$5k	Not Defined	Official Fix	3.00	CVE-2021-20658
02:59 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 access control	5.5	$0-$5k	Not Defined	Official Fix	2.82	CVE-2021-20657
02:58 PM	approved	100%	Contec SolarView Compact SV-CPT-MC310 information disclosure	3.5	$0-$5k	Not Defined	Official Fix	2.54	CVE-2021-20656
09:40 AM	approved	100%	libcaca canvas.c caca_resize buffer overflow	5.3	$0-$5k	Not Defined	Not Defined	4.07	CVE-2021-3410
09:39 AM	approved	100%	Artifex MuPDF memory corruption	5.5	$0-$5k	Not Defined	Official Fix	4.05	CVE-2021-3407
09:38 AM	approved	100%	libEBML ReadData heap-based overflow	5.5	$0-$5k	Not Defined	Official Fix	3.69	CVE-2021-3405
09:37 AM	approved	100%	Directus Password Reset information disclosure	3.5	$0-$5k	Not Defined	Workaround	3.76	CVE-2021-27583
09:36 AM	approved	100%	Jasper jp2_dec.c jp2_decode null pointer dereference	3.5	$0-$5k	Not Defined	Official Fix	3.52	CVE-2021-26927
09:35 AM	approved	100%	Aruba ClearPass Policy Manager Web-based Management Interface command injection	8.8	$0-$5k	Not Defined	Official Fix	4.61	CVE-2021-26680
09:35 AM	approved	100%	Aruba ClearPass Policy Manager Web-based Management Interface command injection	8.8	$0-$5k	Not Defined	Official Fix	4.68	CVE-2021-26679
09:34 AM	approved	100%	Aruba ClearPass Policy Manager OnGuard Local Privilege Escalation	7.8	$0-$5k	Not Defined	Official Fix	5.66	CVE-2021-26677
09:30 AM	approved	100%	Directus api-aa information disclosure	3.5	$0-$5k	Not Defined	Not Defined	4.62	CVE-2021-26595
09:11 AM	approved	100%	Directus PATCH Method unknown vulnerability	5.5	$0-$5k	Not Defined	Workaround	5.60-	CVE-2021-26594
09:10 AM	approved	100%	Directus API {id} information disclosure	3.5	$0-$5k	Not Defined	Not Defined	4.95-	CVE-2021-26593
09:08 AM	approved	100%	UniFi Protect Controller denial of service	3.5	$0-$5k	Not Defined	Official Fix	4.99-	CVE-2021-22882
09:07 AM	approved	100%	VMware Spring Security security check for standard	4.3	$5k-$25k	Not Defined	Official Fix	5.16-	CVE-2021-22112
09:04 AM	approved	100%	Brave Web Browser Proxy information disclosure	4.3	$0-$5k	Not Defined	Official Fix	4.55-	CVE-2021-21323
09:02 AM	approved	100%	Red Hat Satellite BMC Interface information disclosure	3.3	$0-$5k	Not Defined	Not Defined	5.44-	CVE-2021-20256
09:00 AM	approved	100%	Red Hat 3scale API Management Platform Backend resource consumption	3.5	$0-$5k	Not Defined	Not Defined	5.07-	CVE-2021-20252
08:59 AM	approved	100%	mbsync Mailbox Name Validator path traversal	5.5	$0-$5k	Not Defined	Official Fix	4.44-	CVE-2021-20247
08:58 AM	approved	100%	Linux Kernel BPF __cgroup_bpf_run_filter_getsockopt heap-based overflow	4.5	$5k-$25k	Not Defined	Workaround	5.11-	CVE-2021-20194
08:56 AM	approved	100%	Openshift ose-docker-builder file access	3.5	$0-$5k	Not Defined	Not Defined	5.27-	CVE-2021-20182
08:54 AM	approved	100%	Nextcloud Deck resource injection	5.5	$0-$5k	Not Defined	Official Fix	5.07-	CVE-2020-8297
08:52 AM	approved	100%	Aruba ClearPass Policy Manager OnGuard buffer overflow	5.3	$0-$5k	Not Defined	Official Fix	4.60-	CVE-2020-7120
08:52 AM	approved	100%	SoftMaker Office PlanMaker Document heap-based overflow	6.3	$0-$5k	Not Defined	Not Defined	4.33-	CVE-2020-28587
08:51 AM	approved	100%	Undertow AJP Connector denial of service	3.5	$0-$5k	Not Defined	Not Defined	4.63-	CVE-2020-27782
08:50 AM	approved	100%	KACO New Energy XP100U information disclosure	3.5	$0-$5k	Proof-of-Concept	Not Defined	5.00-	CVE-2021-3252
08:48 AM	approved	100%	MITREid Connect OpenID Connect Server OAuthConfirmationController.java improper authorization	5.5	$0-$5k	Not Defined	Official Fix	4.46-	CVE-2021-27582
08:45 AM	approved	100%	Snow Inventory Agent Configuration unknown vulnerability	5.5	$0-$5k	Not Defined	Not Defined	6.94-	CVE-2021-27579
08:42 AM	approved	100%	Polaris Office PDF File PolarisOffice.exe divide by zero	4.3	$0-$5k	Not Defined	Not Defined	5.22-	CVE-2021-27550
07:35 AM	approved	100%	Jasper jp2_decode out-of-bounds read	5.5	$0-$5k	Not Defined	Official Fix	4.83-	CVE-2021-26926

Live Recent

Timeline

CVSSv3 Base »

Exploit 0-day »

🔴 CTI Activities »

🔒 Login Required

Interested in the pricing of exploits?