Type Chat Software
The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.
Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.
Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.
Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.
Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.
The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.
To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.
Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.
Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.
The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.
The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.
The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.
The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.
Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.
There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.
The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.
The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.
Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.
Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.
Affected Products (227): 12planet Chat Server, 123flashchat eChat plugin, 123 Flash Chat Module, A51dev Activecollab Chat Module, Acobot Live Chat , Acobot Contact Form, ActiveHelper ActiveHelper LiveHelp Live Chat, Adrenalin Labs Adrenalins Asp Chat, Adventia Chat, Adventia Server, Andys Chat, Anna^ IRC Bot, App Rocket.Chat, Appindex MWChat, Apple Ichat, Apple iChat, Apple Ichat Av, Apple Ichat Server, Apple iChat Server, ARSC Really Simple Chat, Atlassian Hipchat Server, Banckle Chat, Bigfun IRC Client, Bird Internet Chat Server, BitchX IRC Client, BlueSky BlueSkychat, Browser IRC Client, Candy Chat, Cgiirc CGI:IRC, Cgiscript.net csChat-R-Box, CGI:IRC, ChatBox Chat Rooms, Chatness, Chatopera Cosin, Chatspot, Chattaitaliano Istant-Replay, chattanoogastate eLearn, ChatterBox, Chatty, chatwm, ChatWork Desktop App, chat anywhere, Chat Anywhere, Chat Anywhere Extension, Chat Room Module, Cisco Email, Cisco Email Center, Cisco Enterprise Chat, clickdesk Clickdesk Live Support-live Chat Plugin, Codologic Com Freichat, Cool Cafe Chat, CSS-TRICKS Chat2, Daniel Toma WebChat, Darrens 5-dollar Script Archive FlashChat, Darrens 5-dollar Script Archive flashChat, Denora IRC Stats, Develooping Flash Chat, Digi-net Digichat, Douchat, DSChat, EFS Easy Chat Server, Efs Software Easy Chat Server, eGain Chat, Eggheads Eggdrop IRC Bot, Enghouse Web Chat, Epic IRC Client, Familycms Family Connections Who is Chatting, Faust Informatics Freestyle Chat, Fijiwebdesign Com Ajaxchat, Fish Encryption IRC, Flashtux WeeChat, Flat Chat, FlexChat, Frankly Chat, FreeChat, Free Web Chat, FreiChat, Fujitsu Chocoa IRC Client, Gist Chatbot, GTChat, Gyach Enhanced Chat Room, HexChat, Hipchat Desktop Client, Hipchat Server, Hipchat Plugin, iLove Ilove - Free Dating! Chat App, IRC-Worm.Win32.Jane.a, IRC-Worm.Win32.Silentium.a, IRC Plugin, IRC Server, IRC Services, IRC Services NickServ LISTLINKS, Jackdapp Jack'd - Gay Chat! Dating, James Seter BNC IRC, JAUMO Chat, JAUMO Flirt! Dating Heart Jaumo, Jollybox.de TCP Chat, Joompolitan Com Livechat, Khaled Mardam-Bey mIRC, Khaled Mardam-Bey Mirc, kvirc IRC Client, KVIrc IRC Client, LANChat Pro Revival, LeafDigital LeafChat, Let's PHP! Frame High-Speed Chat, Let's PHP! Simple Chat, Lionmax Software Chat Anywhere, Live.me - Live Stream Video Chat, LiveZilla Live Chat, Live Chat - Live Support, Live Helper Chat, Mata MataChat, Mazens PHP Chat, Mazens PHP Chat, MCQs, MedQuiz: Medical Chat, Melange Chat Server, Melange Chat System, Micro Focus Service Manager, Micro Focus Service Manager Chat Server, Micro Focus Service Manager Chat Service, Ming Han AJchat, Minichat, mirc, mIRC, mIRC Advanced Integration Plugin, mIRC Plug-in for Winamp, MM Chat, Mohachat MOHA Chat, MPM Chat, MWChat Pro, Natterchat, NatterChat, Netchat Subnet Chat Application, Ninjadesigns Flatchat, Onelouder FriendCaster Chat, Parachat Server, Payperviewvideosoftware Pay Per Minute Video Chat Script, PCPIN PCPIN Chat, Philippe CROCHAT EasySite, phpFreeChat, phpHeaven PHPMyChat, Phpheaven phpMyChat, Phpheaven PhpMyChat, phpHeaven phpMyChat, Phpheaven PHPMyChat, Phpheaven PhpMyChat Plus, phpMyChat, phpMyChat-Plus, PhpMyChat Plus, PhpOnlineChat, PHPOpenChat, PHP Based Web Chat Manager, Pirch IRC Client, Proton Energymech Irc Bot, Pro Chat Rooms, Pro Chat Rooms Text Chat Rooms, Quassel-irc Quassel, Quassel-irc Quassel Irc, Quassel-irc Quassel IRC, Quassel IRC, Quick Chat Plugin, RealChat, Reallysimplechat Really Simple Chat, Rhapsody IRC, Rocket.Chat, Rocket.Chat Server, ScatterChat, Scott Weedon Ajax Chat, Script* Log-Chat, Shawn Webb Webbsyte Chat, Siemens TIM 1531 IRC, Simm-comm SCI Photo Chat, Simple Keitai Chat, SimpleChat, Simple Chatting System, Skout BoyAhoy - Gay Chat, Skout Flurv Chat, Skout Skout: Chats. Friends. Fun., SleeperChat, Smart IRC Daemon, Spytech Spynet Chat, Stephen Craton Chatness, Successkid Harris Wap Chat, Synology Chat, SZ NetChat, T0pp8uzz Dana IRC client, TechyTalk Quick Chat Plugin, Tencent WeChat, TIM 1531 IRC, TJSChat, Topcmm Computing 123 Flash Chat Server, Tufat FlashChat, Unichat, V3chat V3 Chat Live Support, V3chat V3 Chat Profiles Dating Script, V3 Chat, VChat, Vibease Chat App, Vibease Wireless Remote Vibrator App, VideoWhisper PHP 2 Way Video Chat, Vincent Tietz vjchat, Visual IRC, Voodoo chat, Wchat Fully Responsive PHP AJAX Chat Script, Webchat.org WebChat, Webchat, WeeChat, WF-Chat, WircSrv IRC Server, wIRCSrv IRC Server, Wise Chat Plugin, wp-live-chat-support Plugin, WP Live Chat Support, X-Chat, X7chat X7 Chat, X7 Chat, X7 Group X7 Chat, XChat, Xchat, xchat, XChat-GNOME, yChat, Zeacom Chat Server, Zehnet Zz Flashchat, Zipstore Zip Store Chat, Zoom Chat
Interested in the pricing of exploits?
See the underground prices here!