Live Recent

Timeframe: 02/23/2021 09:19 PM - 02/24/2021 09:19 PM (60 Entries)
Next Refresh: 02/24/2021 10:19 PM

Timeline

Analyzing the timeline helps to identify the required approach to and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources and aggregates them into the most reliable result.

Exploit 0-day

The moderation team works with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price of an exploit before it is distributed or becomes public. Calculated prices are aligned with prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors in order to anticipate their activities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailing lists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified as offensive or defensive. They are also weighted, as some actors are well known for certain products and technologies, and some of their disclosures might contain more or less detail about technical aspects and personal context. The world map highlights active actors in real time.

| Created | Status | Vulnerability | Base | 0day | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 08:49 PM | approved 100% | Artifact Repository Parameter Plugin cross site scripting | 3.5 | $0-$5k | Not Defined | Not Defined | 0.83+ | CVE-2021-21622 |
| 08:48 PM | approved 100% | Jenkins Support Core Plugin insertion of sensitive information into sent data | 4.3 | $0-$5k | Not Defined | Not Defined | 0.78+ | CVE-2021-21621 |
| 08:48 PM | approved 100% | Claim Plugin cross-site request forgery | 3.5 | $0-$5k | Not Defined | Not Defined | 0.83+ | CVE-2021-21620 |
| 08:47 PM | approved 100% | Claim Plugin Display Name cross site scripting | 3.5 | $0-$5k | Not Defined | Not Defined | 0.83+ | CVE-2021-21619 |
| 08:46 PM | approved 100% | Repository Connector Plugin Permission cross site scripting | 3.5 | $0-$5k | Not Defined | Not Defined | 0.83+ | CVE-2021-21618 |
| 08:44 PM | approved 100% | Configuration Slicing Plugin cross-site request forgery | 3.5 | $0-$5k | Not Defined | Not Defined | 0.89+ | CVE-2021-21617 |
| 08:44 PM | approved 100% | Active Choices Plugin cross site scripting | 3.5 | $0-$5k | Not Defined | Not Defined | 0.89+ | CVE-2021-21616 |
| 08:41 PM | approved 100% | Helpcom hard-coded key | 5.5 | $0-$5k | Not Defined | Official Fix | 1.16+ | CVE-2020-7846 |
| 08:40 PM | approved 100% | Voiceye WSActiveBridgeES stack-based overflow | 5.3 | $0-$5k | Not Defined | Official Fix | 1.05+ | CVE-2020-7836 |
| 08:38 PM | approved 100% | IBM MQ Message denial of service | 4.3 | $0-$5k | Not Defined | Not Defined | 1.11+ | CVE-2020-4931 |
| 08:37 PM | approved 100% | Openscad STL File import_stl.cc import_stl stack-based overflow | 6.3 | $0-$5k | Not Defined | Not Defined | 0.89+ | CVE-2020-28599 |
| 08:36 PM | approved 100% | Eclipse Theia Markdown cross site scripting | 3.5 | $0-$5k | Not Defined | Not Defined | 0.94+ | CVE-2020-27224 |
| 08:35 PM | approved 100% | CoolKit eWeLink Quick Pairing Mode inadequate encryption | 2.1 | $0-$5k | Proof-of-Concept | Not Defined | 0.94+ | CVE-2020-12702 |
| 08:34 PM | approved 100% | Apache XmlGraphics Commons XMPParser server-side request forgery | 5.5 | $5k-$25k | Not Defined | Not Defined | 1.00+ | CVE-2020-11988 |
| 08:33 PM | approved 100% | Apache Batik NodePickerPanel server-side request forgery | 5.5 | $5k-$25k | Not Defined | Not Defined | 0.89+ | CVE-2020-11987 |
| 03:01 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 improper authentication | 6.3 | $0-$5k | Not Defined | Official Fix | 2.94 | CVE-2021-20662 |
| 03:00 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 pathname traversal | 5.5 | $0-$5k | Not Defined | Official Fix | 2.94 | CVE-2021-20661 |
| 03:00 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 cross site scripting | 3.5 | $0-$5k | Not Defined | Official Fix | 2.83 | CVE-2021-20660 |
| 03:00 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 PHP Script unrestricted upload | 5.5 | $0-$5k | Not Defined | Official Fix | 2.89 | CVE-2021-20659 |
| 02:59 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 Web Server os command injection | 5.5 | $0-$5k | Not Defined | Official Fix | 3.00 | CVE-2021-20658 |
| 02:59 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 access control | 5.5 | $0-$5k | Not Defined | Official Fix | 2.82 | CVE-2021-20657 |
| 02:58 PM | approved 100% | Contec SolarView Compact SV-CPT-MC310 information disclosure | 3.5 | $0-$5k | Not Defined | Official Fix | 2.54 | CVE-2021-20656 |
| 09:40 AM | approved 100% | libcaca canvas.c caca_resize buffer overflow | 5.3 | $0-$5k | Not Defined | Not Defined | 4.07 | CVE-2021-3410 |
| 09:39 AM | approved 100% | Artifex MuPDF memory corruption | 5.5 | $0-$5k | Not Defined | Official Fix | 4.05 | CVE-2021-3407 |
| 09:38 AM | approved 100% | libEBML ReadData heap-based overflow | 5.5 | $0-$5k | Not Defined | Official Fix | 3.69 | CVE-2021-3405 |
| 09:37 AM | approved 100% | Directus Password Reset information disclosure | 3.5 | $0-$5k | Not Defined | Workaround | 3.76 | CVE-2021-27583 |
| 09:36 AM | approved 100% | Jasper jp2_dec.c jp2_decode null pointer dereference | 3.5 | $0-$5k | Not Defined | Official Fix | 3.52 | CVE-2021-26927 |
| 09:35 AM | approved 100% | Aruba ClearPass Policy Manager Web-based Management Interface command injection | 8.8 | $0-$5k | Not Defined | Official Fix | 4.61 | CVE-2021-26680 |
| 09:35 AM | approved 100% | Aruba ClearPass Policy Manager Web-based Management Interface command injection | 8.8 | $0-$5k | Not Defined | Official Fix | 4.68 | CVE-2021-26679 |
| 09:34 AM | approved 100% | Aruba ClearPass Policy Manager OnGuard Local Privilege Escalation | 7.8 | $0-$5k | Not Defined | Official Fix | 5.66 | CVE-2021-26677 |
| 09:30 AM | approved 100% | Directus api-aa information disclosure | 3.5 | $0-$5k | Not Defined | Not Defined | 4.62 | CVE-2021-26595 |
| 09:11 AM | approved 100% | Directus PATCH Method unknown vulnerability | 5.5 | $0-$5k | Not Defined | Workaround | 5.60- | CVE-2021-26594 |
| 09:10 AM | approved 100% | Directus API {id} information disclosure | 3.5 | $0-$5k | Not Defined | Not Defined | 4.95- | CVE-2021-26593 |
| 09:08 AM | approved 100% | UniFi Protect Controller denial of service | 3.5 | $0-$5k | Not Defined | Official Fix | 4.99- | CVE-2021-22882 |
| 09:07 AM | approved 100% | VMware Spring Security security check for standard | 4.3 | $5k-$25k | Not Defined | Official Fix | 5.16- | CVE-2021-22112 |
| 09:04 AM | approved 100% | Brave Web Browser Proxy information disclosure | 4.3 | $0-$5k | Not Defined | Official Fix | 4.55- | CVE-2021-21323 |
| 09:02 AM | approved 100% | Red Hat Satellite BMC Interface information disclosure | 3.3 | $0-$5k | Not Defined | Not Defined | 5.44- | CVE-2021-20256 |
| 09:00 AM | approved 100% | Red Hat 3scale API Management Platform Backend resource consumption | 3.5 | $0-$5k | Not Defined | Not Defined | 5.07- | CVE-2021-20252 |
| 08:59 AM | approved 100% | mbsync Mailbox Name Validator path traversal | 5.5 | $0-$5k | Not Defined | Official Fix | 4.44- | CVE-2021-20247 |
| 08:58 AM | approved 100% | Linux Kernel BPF __cgroup_bpf_run_filter_getsockopt heap-based overflow | 4.5 | $5k-$25k | Not Defined | Workaround | 5.11- | CVE-2021-20194 |
| 08:56 AM | approved 100% | Openshift ose-docker-builder file access | 3.5 | $0-$5k | Not Defined | Not Defined | 5.27- | CVE-2021-20182 |
| 08:54 AM | approved 100% | Nextcloud Deck resource injection | 5.5 | $0-$5k | Not Defined | Official Fix | 5.07- | CVE-2020-8297 |
| 08:52 AM | approved 100% | Aruba ClearPass Policy Manager OnGuard buffer overflow | 5.3 | $0-$5k | Not Defined | Official Fix | 4.60- | CVE-2020-7120 |
| 08:52 AM | approved 100% | SoftMaker Office PlanMaker Document heap-based overflow | 6.3 | $0-$5k | Not Defined | Not Defined | 4.33- | CVE-2020-28587 |
| 08:51 AM | approved 100% | Undertow AJP Connector denial of service | 3.5 | $0-$5k | Not Defined | Not Defined | 4.63- | CVE-2020-27782 |
| 08:50 AM | approved 100% | KACO New Energy XP100U information disclosure | 3.5 | $0-$5k | Proof-of-Concept | Not Defined | 5.00- | CVE-2021-3252 |
| 08:48 AM | approved 100% | MITREid Connect OpenID Connect Server OAuthConfirmationController.java improper authorization | 5.5 | $0-$5k | Not Defined | Official Fix | 4.46- | CVE-2021-27582 |
| 08:45 AM | approved 100% | Snow Inventory Agent Configuration unknown vulnerability | 5.5 | $0-$5k | Not Defined | Not Defined | 6.94- | CVE-2021-27579 |
| 08:42 AM | approved 100% | Polaris Office PDF File PolarisOffice.exe divide by zero | 4.3 | $0-$5k | Not Defined | Not Defined | 5.22- | CVE-2021-27550 |
| 07:35 AM | approved 100% | Jasper jp2_decode out-of-bounds read | 5.5 | $0-$5k | Not Defined | Official Fix | 4.83- | CVE-2021-26926 |
