Updates 02/23/2021

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

UpdatedBaseTempVulnerabilityChangeExpRemCTICVE
09:11 AM3.73.7Eclipse Californium Certificate state issue(3): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_urlNot DefinedNot Defined0.03CVE-2020-27222
09:09 AM3.53.4JetBrains YouTrack REST API information disclosure(5): source_cve_assigned, source_cve_nvd_summary, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.05CVE-2020-25208
09:07 AM7.37.0QNAP QTS Helpdesk access control(6): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_url, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.06CVE-2020-2507
09:04 AM9.89.4QNAP QTS Helpdesk os command injection(6): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_url, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.06CVE-2020-2506
08:58 AM5.55.3Apple macOS WebRTC redirect(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.00CVE-2021-1799
08:55 AM6.35.9Apple macOS WebKit Remote Code Execution(1): source_cve_assignedFunctionalOfficial Fix0.00CVE-2021-1870
08:49 AM6.35.9Apple macOS WebKit Remote Code Execution(1): source_cve_assignedFunctionalOfficial Fix0.05CVE-2021-1871
08:47 AM6.36.0Apple macOS WebKit type confusion(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.00CVE-2021-1789
08:41 AM6.36.0Apple macOS WebKit access control(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.27CVE-2021-1801
08:35 AM6.36.0Apple macOS WebKit access control(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.21CVE-2021-1765
08:31 AM6.36.0Apple macOS WebKit use after free(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.32CVE-2021-1788
08:25 AM5.55.3Apple macOS Swift memory corruption(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.32CVE-2021-1769
08:20 AM5.55.5Apple macOS SQLite sql injection(3): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_urlNot DefinedOfficial Fix0.16CVE-2020-15358
08:16 AM5.55.5Apple macOS Screen Sharing unknown vulnerability(3): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_urlNot DefinedOfficial Fix0.11CVE-2020-14155
08:13 AM5.55.5Apple macOS Screen Sharing unknown vulnerability(3): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_urlNot DefinedOfficial Fix0.43CVE-2019-20838
08:10 AM5.35.1Apple macOS Power Management state issue(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2020-27938
08:07 AM4.34.1Apple macOS OpenLDAP denial of service(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.27CVE-2020-25709
08:05 AM6.36.0Apple macOS NetFSFramework state issue(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.33CVE-2021-1751
07:59 AM6.36.0Apple macOS Model IO out-of-bounds read(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.22CVE-2021-1768
07:56 AM6.36.0Apple macOS Model I/O out-of-bounds read(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.33CVE-2021-1753
07:52 AM6.36.0Apple macOS Model IO out-of-bounds read(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.27CVE-2021-1745
07:46 AM6.36.0Apple macOS Model IO heap-based overflow(1): source_cve_assignedNot DefinedOfficial Fix0.27CVE-2021-1767
07:39 AM6.36.0Apple macOS Model IO buffer overflow(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.32CVE-2021-1763
07:33 AM6.36.0Apple macOS Model IO Remote Code Execution(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.32CVE-2020-29614
07:31 AM6.36.0Apple macOS Model IO out-of-bounds write(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.49CVE-2021-1762
07:25 AM5.65.4Apple macOS Messages access control(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2021-1771
07:18 AM5.04.8Apple macOS Login Window improper authentication(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2020-29633
07:12 AM7.87.5Apple macOS Kernel behavioral workflow(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2021-1750
07:09 AM4.54.3Apple macOS Kernel race condition(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2021-1782
07:07 AM4.34.1Apple macOS Kernel use after free(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2021-1764
07:00 AM7.87.5Apple macOS Kernel memory corruption(6): source_cve_assigned, source_cve_nvd_summary, advisory_confirm_url, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.38CVE-2020-27904
06:54 AM5.35.1Apple macOS IOSkywalkFamily out-of-bounds read(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.49CVE-2021-1757
06:50 AM7.87.5Apple macOS IOKit state issue(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.27CVE-2021-1779
06:44 AM6.36.0Apple macOS ImageIO out-of-bounds write(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.43CVE-2021-1744
06:40 AM6.36.0Apple macOS ImageIO out-of-bounds write(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.49CVE-2021-1738
06:35 AM6.36.0Apple macOS ImageIO out-of-bounds write(4): source_cve_assigned, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_meta_tempscoreNot DefinedOfficial Fix0.60CVE-2021-1737

Do you want to use VulDB in your project?

Use the official API to access entries easily!