Updates September 2020

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

UpdatedBaseTempVulnerabilityChangeExpRemCTICVE
09/30/20204.74.5Xen Timer Migration race condition(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix0.06CVE-2020-25604
09/30/20205.35.1Xen Event Channel smp_*mb memory corruption(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.06CVE-2020-25603
09/30/20205.55.3Xen Error denial of service(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.07CVE-2020-25602
09/30/20203.33.2Xen FIFO Event Channel evtchn_destroy denial of service(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.06CVE-2020-25601
09/30/20205.55.3Xen Event Channel denial of service(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.07CVE-2020-25600
09/30/20205.35.1Xen evtchn_reset memory corruption(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.05CVE-2020-25599
09/30/20205.55.3Xen denial of service(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.84CVE-2020-25597
09/30/20205.55.3Xen SYSENTER null termination(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.09CVE-2020-25596
09/30/20207.06.7Xen PCI Passthrough backdoor(4): software_type, source_cve_assigned, source_cve_nvd_summary, vulnerability_cweNot DefinedOfficial Fix0.05CVE-2020-25595
09/30/20207.47.1Mimosa Client Radios/Backhaul Radios Mosquitto hard-coded credentials(2): vulnerability_discoverydate, source_osvdb_titleNot DefinedOfficial Fix0.06CVE-2017-9132
09/30/20207.57.2Mimosa Client Radios/Backhaul Radios input validation(2): vulnerability_discoverydate, source_osvdb_titleNot DefinedOfficial Fix0.12CVE-2017-9131
09/30/20208.58.2PHP zend_variables.h i_zval_ptr_dtor Memory resource consumption(7): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_title, source_securityfocus_date, source_securityfocus_classNot DefinedOfficial Fix0.04CVE-2017-9119
09/30/20205.45.1OpenEXR ImfZip.cpp uncompress numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.06CVE-2017-9116
09/30/20207.57.2OpenEXR half.h operator numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.31CVE-2017-9115
09/30/20208.58.1TP-LINK WR1043ND V2 Management Web Interface improper authentication(1): advisory_urlFunctionalWorkaround0.00CVE-2019-6971
09/30/20207.97.1Microsoft Windows Win32k memory corruption(1): source_cve_assignedProof-of-ConceptOfficial Fix0.43CVE-2019-1364
09/30/20206.55.9Microsoft Windows memory corruption(1): source_cve_assignedProof-of-ConceptOfficial Fix0.03CVE-2019-1343
09/30/20205.14.6Microsoft Windows Code Integrity Module information disclosure(1): source_cve_assignedProof-of-ConceptOfficial Fix0.37CVE-2019-1344
09/30/20205.14.6Microsoft Windows Kernel information disclosure(1): source_cve_assignedProof-of-ConceptOfficial Fix0.43CVE-2019-1345
09/30/20206.05.4Microsoft Windows memory corruption(1): source_cve_assignedProof-of-ConceptOfficial Fix0.06CVE-2019-1346
09/30/20206.05.4Microsoft Windows memory corruption(1): source_cve_assignedProof-of-ConceptOfficial Fix0.05CVE-2019-1347
09/30/20207.46.7RobotCPA Plugin f.php path traversal(19): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summary, source_exploitdb_dateProof-of-ConceptNot Defined1.91CVE-2015-9480
09/30/20208.58.5ACF-Frontend-Display Plugin File Upload index.php unrestricted upload(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.05CVE-2015-9479
09/30/20205.24.9prettyPhoto jquery.prettyPhoto.js cross site scripting(17): vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix0.16CVE-2015-9478
09/30/20207.57.5Vernissage Theme Option Update default permission(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.55CVE-2015-9477
09/30/20207.57.5Teardrop Theme Option Update default permission(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined2.07CVE-2015-9476
09/30/20207.57.5Pont Theme Option Update default permission(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.55CVE-2015-9475
09/30/20207.57.5Simpolio Theme Option Update default permission(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined1.56CVE-2015-9474
09/30/20207.47.4estrutura-basica Theme download.php path traversal(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.09CVE-2015-9473
09/30/20205.24.9incoming-links Plugin HTTP Header referrers.php cross site scripting(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix1.75CVE-2015-9472
09/30/20208.58.5dzs-zoomsounds Plugin File Upload upload.php unrestricted upload(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined1.54CVE-2015-9471
09/30/20207.47.4history-collection Plugin download.php path traversal(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined1.50CVE-2015-9470
09/30/20203.63.6content-grabber Plugin cross site scripting(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.09CVE-2015-9469
09/30/20205.25.2broken-link-manager Plugin delURL cross site scripting(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.24CVE-2015-9468
09/30/20208.58.2broken-link-manager Plugin wpslEditURL sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix0.18CVE-2015-9467
09/30/20208.58.2wti-like-post Plugin WtiLikePostProcessVote sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix0.35CVE-2015-9466
09/30/20207.57.2yet-another-stars-rating Plugin yasr_get_multi_set_values_and_field sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix1.62CVE-2015-9465
09/30/20207.46.7s3bubble-amazon-s3-html-5-video-with-adverts Plugin downloader.php path traversal(18): vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summary, source_exploitdb_dateProof-of-ConceptNot Defined0.06CVE-2015-9464
09/30/20207.47.4s3bubble-amazon-s3-audio-streaming Plugin downloader.php path traversal(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.06CVE-2015-9463
09/30/20205.95.7Portfolio Plugin afp_get_new_category_page sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix1.00CVE-2015-9462
09/30/20205.95.7Portfolio Plugin afp_get_new_portfolio_item_page sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix0.00CVE-2015-9461
09/30/20207.57.2booking-system Plugin display sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix1.42CVE-2015-9460
09/30/20205.25.2searchterms-tagging-2 Plugin options-general.php cross site scripting(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined0.05CVE-2015-9459
09/30/20205.75.7searchterms-tagging-2 Plugin pk_stt2_db_get_popular_terms sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedNot Defined1.56CVE-2015-9458
09/30/20205.95.7pretty-link Plugin list_links sql injection(18): software_type, vulnerability_cwe, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, source_cve_assigned, source_cve_nvd_summaryNot DefinedOfficial Fix1.51CVE-2015-9457
09/30/20205.45.1OpenEXR ImfFastHuf.cpp refill numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.90CVE-2017-9114
09/30/20207.57.2OpenEXR ImfInputFile.cpp bufferedReadPixels numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.97CVE-2017-9113
09/30/20205.45.1OpenEXR ImfHuf.cpp getBits numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.00CVE-2017-9112
09/30/20207.57.2OpenEXR ImfOptimizedPixelReading.h storeSSE numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.00CVE-2017-9111
09/30/20205.45.1OpenEXR ImfHuf.cpp hufDecode numeric error(5): vulnerability_discoverydate, advisory_confirm_url, countermeasure_name, countermeasure_date, source_osvdb_titleNot DefinedOfficial Fix0.00CVE-2017-9110

Do you need the next level of professionalism?

Upgrade your account now!