Updates January 2020

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

UpdatedBaseTempVulnerabilityChangeExpRemCTICVE
01/31/20206.56.5Hyland Perceptive Document Filters DOCX File use after free(4): vulnerability_discoverydate, advisory_company_name, source_securityfocus_date, source_securityfocus_classNot DefinedNot Defined0.09CVE-2018-3844
01/31/20208.08.0IBM Security QRadar SIEM improper authentication(4): vulnerability_discoverydate, exploit_availability, exploit_publicity, exploit_urlHighNot Defined0.37CVE-2018-1418
01/31/20204.94.7ovirt-engine API/Administration Web Portal Credentials credentials management(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedOfficial Fix0.00CVE-2018-1074
01/31/20206.76.7D-Link DIR-615 traceroute input validation(1): vulnerability_discoverydateNot DefinedNot Defined0.04CVE-2018-10431
01/31/20203.63.6DiliCMS index.php Stored cross site scripting(1): vulnerability_discoverydateNot DefinedNot Defined0.00CVE-2018-10430
01/31/20208.58.5Cosmo Database Prefix Field install.php code injection(1): vulnerability_discoverydateNot DefinedNot Defined0.01CVE-2018-10429
01/31/20204.84.6Google Guava CompoundOrdering deserialization(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_date, source_securityfocus_date, source_securityfocus_classNot DefinedOfficial Fix0.00CVE-2018-10237
01/31/20206.46.1Microfocus IDM information disclosure(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedOfficial Fix0.01CVE-2017-9284
01/31/20205.24.9NetIQ Identity Reporting cross site scripting(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedOfficial Fix0.05CVE-2017-9275
01/31/20207.47.4Fortinet FortiClient inadequate encryption(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.04CVE-2017-17543
01/31/20205.25.2IBM Security QRadar SIEM Web UI cross site scripting(1): vulnerability_discoverydateNot DefinedNot Defined0.05CVE-2017-1724
01/31/20205.95.9IBM Security QRadar SIEM path traversal(1): vulnerability_discoverydateNot DefinedNot Defined0.00CVE-2017-1723
01/31/20206.36.3IBM Security QRadar SIEM Back-End Database sql injection(1): vulnerability_discoverydateNot DefinedNot Defined0.04CVE-2017-1722
01/31/20206.56.5IBM Security QRadar SIEM code injection(1): vulnerability_discoverydateNot DefinedNot Defined0.01CVE-2017-1721
01/31/20205.45.1Apache uimaj/uima-as/uimaFIT/uimaDUCC XML xml external entity reference(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedOfficial Fix0.01CVE-2017-15691
01/31/20204.54.5GeniXCMS Menu cross site scripting(1): vulnerability_discoverydateNot DefinedNot Defined0.02CVE-2017-14740
01/31/20207.37.0SpiderControl Windows Browser uncontrolled search path(4): vulnerability_discoverydate, advisory_person_name, source_securityfocus_date, source_securityfocus_classNot DefinedOfficial Fix0.00CVE-2017-14010
01/31/20204.94.7puppet-swift Installation proxy-server.conf information disclosure(4): vulnerability_discoverydate, advisory_confirm_url, source_securityfocus_date, source_securityfocus_classNot DefinedOfficial Fix0.00CVE-2016-9590
01/31/20206.56.5Centers for Disease Control and Prevention MicrobeTRACE CSV File code injection(1): vulnerability_discoverydateNot DefinedNot Defined0.00CVE-2018-9113
01/31/20206.56.5Centers for Disease Control and Prevention MicrobeTRACE CSV File code injection(1): vulnerability_discoverydateNot DefinedNot Defined0.04CVE-2018-8974
01/31/20205.55.5Shanghai 2345 Security Guard 2345MPCSafe.exe access control(1): vulnerability_discoverydateNot DefinedNot Defined0.04CVE-2018-10425
01/31/20202.72.7miniCMS post-edit.php Path information disclosure(1): vulnerability_discoverydateNot DefinedNot Defined0.01CVE-2018-10424
01/31/20202.72.7miniCMS post.php Directory information disclosure(1): vulnerability_discoverydateNot DefinedNot Defined0.05CVE-2018-10423
01/31/20203.63.6HongCMS Post News Stored cross site scripting(1): vulnerability_discoverydateNot DefinedNot Defined0.00CVE-2018-10422
01/31/20207.47.1Xiph.Org libvorbis psy.c bark_noise_hybridmp memory corruption(3): vulnerability_discoverydate, countermeasure_name, countermeasure_dateNot DefinedOfficial Fix0.03CVE-2018-10393
01/31/20208.07.7Xiph.Org libvorbis mapping0.c mapping0_forward memory corruption(3): vulnerability_discoverydate, countermeasure_name, countermeasure_dateNot DefinedOfficial Fix0.00CVE-2018-10392
01/31/20203.63.6WUZHI CMS cross site scripting(1): vulnerability_discoverydateNot DefinedNot Defined0.00CVE-2018-10391
01/31/20208.58.5TunnelBear TunnelBearMaintenance Service OpenVPNConnect access control(1): vulnerability_discoverydateNot DefinedNot Defined0.05CVE-2018-10381
01/31/20205.25.2Mitel MiVoice Connect/ST/GA27 Conferencing api.php Reflected cross site scripting(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.03CVE-2018-9104
01/31/20205.25.2Mitel MiVoice Connect/ST/GA27 Conferencing signin.php Reflected cross site scripting(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.01CVE-2018-9103
01/31/20206.96.9Mitel MiVoice Connect/ST/GA27 Conferencing sql injection(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.00CVE-2018-9102
01/31/20207.57.5Mitel ST Conferencing unrestricted upload(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.00CVE-2017-16251
01/31/20205.25.2Mitel MiVoice Connect/ST/GA27 launch_presenter.php Reflected cross site scripting(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.01CVE-2018-9101
01/31/20206.56.5Advantech WebAccess HMI Designer out-of-bounds write(5): vulnerability_discoverydate, advisory_person_name, advisory_company_name, source_securityfocus_date, source_securityfocus_classNot DefinedNot Defined0.00CVE-2018-8837
01/31/20206.56.5Advantech WebAccess HMI Designer pm3 File double free(5): vulnerability_discoverydate, advisory_person_name, advisory_company_name, source_securityfocus_date, source_securityfocus_classNot DefinedNot Defined0.01CVE-2018-8835
01/31/20206.56.5Advantech WebAccess HMI Designer pm3 File memory corruption(5): vulnerability_discoverydate, advisory_person_name, advisory_company_name, source_securityfocus_date, source_securityfocus_classNot DefinedNot Defined0.00CVE-2018-8833
01/31/20206.46.1GitLab Community Edition/Enterprise Edition Webhooks server-side request forgery(2): vulnerability_discoverydate, countermeasure_dateNot DefinedOfficial Fix0.01CVE-2018-8801
01/31/20204.44.0WSO2 Identity Server Dashboard cross site scripting(4): vulnerability_discoverydate, exploit_availability, exploit_publicity, exploit_urlProof-of-ConceptOfficial Fix0.00CVE-2018-8716
01/31/20206.56.5NetApp OnCommand Unified Manager Java Debug Wire Protocol access control(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedNot Defined0.11CVE-2018-5486
01/31/20207.57.2SourceTree command injection(2): vulnerability_discoverydate, advisory_confirm_urlNot DefinedOfficial Fix0.00CVE-2018-5226

Interested in the pricing of exploits?

See the underground prices here!