Live Recent

Timeframe: 11/28/2022 10:01 PM - 11/29/2022 10:01 PM (48 Entries)
Next Refresh: 11/29/2022 11:01 PM

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

Exploit 0-day

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

CreatedStatus VulnerabilityBase0dayExpRemCTIEPSSCVE
06:56 PMapproved
100%
Amasty Blog Pro Plugin Admin Panel cross site scripting3.5$0-$5kNot DefinedNot Defined2.12+0.00000CVE-2022-36433
06:56 PMapproved
100%
GPAC unquantize.c Q_IsTypeOn use after free7.3$0-$5kNot DefinedNot Defined2.21+0.00000CVE-2022-45343
06:55 PMapproved
100%
Prometheus Exporter Toolkit web.yml unknown vulnerability4.7$0-$5kNot DefinedOfficial Fix2.30+0.00000CVE-2022-46146
06:54 PMapproved
100%
Apache Fineract File Upload path traversal6.3$5k-$25kNot DefinedOfficial Fix2.24+0.00000CVE-2022-44635
08:36 AMapproved
100%
GPAC lsr_dec.c lsr_translate_coords integer overflow6.3$0-$5kProof-of-ConceptNot Defined3.85-0.00000CVE-2022-4202
08:32 AMapproved
100%
Wenzhou Huoyin BossCMS Administrator List Module Add cross-site request forgery4.3$0-$5kNot DefinedNot Defined4.18-0.00000CVE-2022-44937
08:31 AMapproved
100%
KLiK SocialMediaWebsite cross site scripting3.5$0-$5kNot DefinedOfficial Fix2.42-0.00000CVE-2022-42100
08:31 AMapproved
100%
KLiK SocialMediaWebsite cross site scripting3.5$0-$5kNot DefinedOfficial Fix2.27-0.00000CVE-2022-42099
08:30 AMapproved
100%
LINE Group Chat denial of service3.5$0-$5kNot DefinedOfficial Fix2.09-0.00000CVE-2022-41568
08:29 AMapproved
100%
ChurchCRM cross site scripting3.5$0-$5kNot DefinedOfficial Fix2.16-0.00000CVE-2022-36137
08:29 AMapproved
100%
ChurchCRM cross site scripting3.5$0-$5kNot DefinedOfficial Fix1.94-0.00000CVE-2022-36136
08:29 AMapproved
100%
Virgial Berveling Notification E-mails Plugin cross-site request forgery4.3$0-$5kNot DefinedNot Defined1.86-0.00000CVE-2022-34654
08:28 AMapproved
100%
AeroCMS sql injection5.5$0-$5kNot DefinedNot Defined2.24-0.00000CVE-2022-45329
08:27 AMapproved
100%
D-Link DNR-322L Backup Config Privilege Escalation5.5$5k-$25kNot DefinedNot Defined2.18-0.00000CVE-2022-40799
08:26 AMapproved
100%
ghost Newsletter access control6.3$0-$5kNot DefinedOfficial Fix2.10-0.00000CVE-2022-41654
08:26 AMapproved
100%
NetIQ Advanced Authentication Multi-Factor Authentication improper authentication6.3$0-$5kNot DefinedOfficial Fix2.04-0.00000CVE-2022-38753
08:24 AMapproved
100%
Dropbox JPEG Compression infinite loop3.5$0-$5kNot DefinedNot Defined2.04-0.00000CVE-2022-4104
08:23 AMapproved
100%
GPAC box_code_3gpp.c dimC_box_read memory leak4.3$0-$5kNot DefinedNot Defined1.92-0.00000CVE-2022-45204
08:15 AMapproved
100%
GPAC box_code_3gpp.c dimC_box_read stack-based overflow6.3$0-$5kNot DefinedOfficial Fix1.95-0.00000CVE-2022-45202
08:14 AMapproved
100%
Raiden MAILD Mail Server Website cross site scripting5.0$0-$5kNot DefinedNot Defined2.04-0.00000CVE-2022-41676
08:13 AMapproved
100%
Realtek RTL8168FP-CG Dash Remote Management authorization4.3$0-$5kNot DefinedNot Defined1.86-0.00000CVE-2022-32966
08:12 AMapproved
100%
Realtek RTL8111EP-CG/RTL8111FP-CG dash hard-coded password2.4$0-$5kNot DefinedNot Defined1.86-0.00000CVE-2022-32967
07:55 AMapproved
100%
XBlock Drag and Drop Image cross site scripting3.5$0-$5kNot DefinedOfficial Fix1.38-0.00000CVE-2022-46147
07:54 AMapproved
100%
Ourphoto App acceptBind improper authentication6.3$0-$5kNot DefinedNot Defined1.49-0.00000CVE-2022-24190
07:53 AMapproved
100%
Ourphoto App API improper authorization5.5$0-$5kNot DefinedNot Defined1.43-0.00000CVE-2022-24189
07:52 AMapproved
100%
Squirrly SEO Plugin unrestricted upload7.6$0-$5kNot DefinedNot Defined1.67-0.00000CVE-2022-38140
07:52 AMapproved
100%
Ourphoto App signin missing encryption3.5$0-$5kNot DefinedNot Defined1.35-0.00000CVE-2022-24188
07:51 AMapproved
100%
Ourphoto App resource injection3.5$0-$5kNot DefinedNot Defined1.28-0.00000CVE-2022-24187
07:50 AMapproved
100%
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation6.3$0-$5kProof-of-ConceptNot Defined1.58-0.00000CVE-2022-44038
07:50 AMapproved
100%
Chocolatey Azure-Pipelines-Agent Package agent permission5.5$0-$5kNot DefinedNot Defined1.29-0.00000CVE-2022-45306
07:47 AMapproved
100%
Chocolatey Cmder Package permission5.5$0-$5kNot DefinedNot Defined1.38-0.00000CVE-2022-45304
07:46 AMapproved
100%
APsystems Energy Communication Unit access control6.3$0-$5kProof-of-ConceptNot Defined1.74-0.00000CVE-2022-44037
07:45 AMapproved
100%
Telos Alliance Omnia MPX Node resource injection5.5$0-$5kProof-of-ConceptNot Defined1.52-0.00000CVE-2022-43326
07:45 AMapproved
100%
FusionAuth HTTP Request access control3.5$0-$5kNot DefinedOfficial Fix1.23-0.00000CVE-2022-45921
07:43 AMapproved
100%
Opencast Paella Authentication Page redirect5.5$0-$5kNot DefinedOfficial Fix1.35-0.00000CVE-2022-41965
07:43 AMapproved
100%
Sanitization Management System Login.php cross site scripting3.5$0-$5kNot DefinedNot Defined1.26-0.00000CVE-2022-45214
07:42 AMapproved
100%
PuneethReddyHC online-shopping-system-advanced product.php sql injection5.5$0-$5kNot DefinedNot Defined1.35-0.00000CVE-2022-42109
07:42 AMapproved
100%
Web-Based Student Clearance System add-admin.php cross site scripting3.5$0-$5kNot DefinedNot Defined1.29-0.00000CVE-2022-45224
07:39 AMapproved
100%
Web-Based Student Clearance System add-student.php cross site scripting3.5$0-$5kNot DefinedNot Defined1.40-0.00000CVE-2022-45223
07:38 AMapproved
100%
Web-Based Student Clearance System changepassword.php cross site scripting3.5$0-$5kNot DefinedNot Defined1.34-0.00000CVE-2022-45221
07:38 AMapproved
100%
Linux Kernel L2TP l2tp_core.c sk_user_data null pointer dereference6.5$5k-$25kNot DefinedOfficial Fix1.41-0.00000CVE-2022-4129
07:36 AMapproved
100%
Chocolatey Package Python311 permission6.3$0-$5kNot DefinedNot Defined1.95-0.00000CVE-2022-45305
07:36 AMapproved
100%
Chocolatey Gem ruby31 permission6.3$0-$5kNot DefinedNot Defined1.73-0.00000CVE-2022-45301
07:35 AMapproved
100%
Linux Kernel MPTCP Protocol null pointer dereference6.5$5k-$25kNot DefinedOfficial Fix1.26-0.00000CVE-2022-4128
07:35 AMapproved
100%
Linux Kernel io_files_update_with_index_alloc null pointer dereference6.5$5k-$25kNot DefinedOfficial Fix1.22-0.00000CVE-2022-4127
07:34 AMapproved
100%
Sinatra Header code download6.5$0-$5kNot DefinedOfficial Fix1.17-0.00000CVE-2022-45442
07:32 AMapproved
100%
Chocolatey PHP Package php81 permission6.3$0-$5kNot DefinedNot Defined2.19-0.00000CVE-2022-45307
07:32 AMapproved
100%
Raiden MAILD Mail Server Website csv injection7.1$0-$5kNot DefinedNot Defined1.26-0.00000CVE-2022-41675

Do you want to use VulDB in your project?

Use the official API to access entries easily!