Updates September 2022

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Google Android360
Microsoft Windows209
Mozilla Firefox149
Apple iOS119
Adobe Acrobat Reader106

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix3445
Temporary Fix0
Workaround87
Unavailable11
Not Defined541

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High47
Functional4
Proof-of-Concept377
Unproven129
Not Defined3527

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base

≤10
≤21
≤317
≤4153
≤5421
≤6723
≤7772
≤81097
≤9473
≤10427

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤22
≤344
≤4136
≤5445
≤6944
≤7659
≤81094
≤9371
≤10389

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day

<1k319
<2k336
<5k648
<10k474
<25k944
<50k652
<100k584
≥100k127

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k2276
<2k252
<5k523
<10k408
<25k591
<50k33
<100k1
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

UpdatedBaseTempVulnerabilityChangeExpRemCTICVE
09/30/20225.55.4Google Android AOSP Launcher access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.01CVE-2016-6716
09/30/20225.55.4Google Android Mediaserver access control(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.00CVE-2016-6714
09/30/20225.55.4Google Android Mediaserver access control(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.06CVE-2016-6713
09/30/20225.55.4Google Android Mediaserver input validation(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.13CVE-2016-6712
09/30/20225.55.4Google Android Mediaserver input validation(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.09CVE-2016-6711
09/30/20225.35.1Google Android OpenJDK denial of service(4): vulnerability_cvss2_nvd_basescore, exploit_price_0day, source_cve_nvd_summary, source_sectrackerNot DefinedOfficial Fix0.16CVE-2015-0410
09/30/20224.94.8Google Android Bluetooth denial of service(18): vulnerability_cvss2_nvd_basescore, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_nvd_basescore, vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_aNot DefinedOfficial Fix0.50CVE-2014-9908
09/30/20225.55.4Google Android Download Manager information disclosure(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.41CVE-2016-6710
09/30/20225.95.8Google Android Conscrypt information disclosure(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.44CVE-2016-6709
09/30/20225.55.4Google Android System UI access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.54CVE-2016-6708
09/30/20227.57.2Google Android System Server access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryProof-of-ConceptOfficial Fix0.48CVE-2016-6707
09/30/20227.87.6Google Android Mediaserver access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.44CVE-2016-6706
09/30/20227.87.6Google Android Mediaserver access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.44CVE-2016-6705
09/30/20227.87.6Google Android Mediaserver access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.50CVE-2016-6704
09/30/20227.87.6Google Android Android Runtime access control(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.45CVE-2016-6703
09/30/20226.36.0Mozilla Thunderbird memory corruption(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.32+CVE-2022-2505
09/30/20226.36.0Mozilla Thunderbird Shortcut link following(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.35+CVE-2022-36314
09/30/20222.82.7Mozilla Firefox chrome URL cross site scripting(9): vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_au, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, exploit_price_0dayNot DefinedOfficial Fix1.23+CVE-2022-36318
09/30/20222.82.7Mozilla Thunderbird chrome URL cross site scripting(29): software_component, software_type, vulnerability_cwe, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.20+CVE-2022-36318
09/30/20226.36.0Mozilla Thunderbird CSS access control(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.16+CVE-2022-36319
09/30/20226.36.0Mozilla Firefox memory corruption(27): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.26+CVE-2022-2505
09/30/20226.36.0Mozilla Firefox memory corruption(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.17+CVE-2022-36320
09/30/20224.34.1Mozilla Firefox Performance API information disclosure(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.29+CVE-2022-36316
09/30/20226.36.0Mozilla Firefox Script injection(28): software_component, software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.13+CVE-2022-36315
09/30/20226.36.0Mozilla Firefox Shortcut link following(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.20+CVE-2022-36314
09/30/20227.87.6Google Android libjpeg access control(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.35CVE-2016-6702
09/30/20224.34.1Mozilla Firefox URL denial of service(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.14+CVE-2022-36317
09/30/20226.36.0Mozilla Firefox CSS access control(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.04+CVE-2022-36319
09/30/20226.36.0Mozilla Thunderbird memory corruption(27): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.04+CVE-2022-34484
09/30/20226.36.0Mozilla Thunderbird code injection(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix0.98+CVE-2022-2200
09/30/20226.36.0Mozilla Thunderbird Microsoft Protocol access control(29): software_component, software_type, vulnerability_cwe, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.07+CVE-2022-34478
09/30/20224.34.1Mozilla Thunderbird PAC File denial of service(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.01+CVE-2022-34472
09/30/20226.36.0Mozilla Thunderbird CSS unknown vulnerability(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.01+CVE-2022-31744
09/30/20227.87.6Google Android Skia memory corruption(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.35CVE-2016-6701
09/30/20226.36.0Mozilla Thunderbird ReplaceElementsAt integer overflow(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.10+CVE-2022-34481
09/30/20226.36.0Mozilla Thunderbird OpenPGP Signature improper validation of certificate expiration(29): software_component, software_type, vulnerability_cwe, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.01+CVE-2022-2226
09/30/20226.36.0Mozilla Thunderbird iFrame sandbox(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.01+CVE-2022-34468
09/30/20226.36.0Mozilla Thunderbird Session History use after free(28): software_component, software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.07+CVE-2022-34470
09/30/20226.36.0Mozilla Thunderbird Popup Window clickjacking(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.01+CVE-2022-34479
09/30/20227.87.6Google Android libzipfile access control(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.41CVE-2016-6700
09/30/20227.87.6Google Android Mediaserver memory corruption(3): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, source_cve_nvd_summaryNot DefinedOfficial Fix0.35CVE-2016-6699
09/30/20226.36.0Mozilla Firefox memory corruption(27): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix0.95+CVE-2022-34485
09/30/20226.36.0Mozilla Firefox memory corruption(27): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.55+CVE-2022-34484
09/30/20224.74.6Google Android Proxy Auto Config access control(4): vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_meta_tempscore, exploit_price_0day, source_cve_nvd_summaryNot DefinedOfficial Fix0.32CVE-2016-6723
09/30/20226.36.0Mozilla Firefox HTML Sanitizer Remote Code Execution(29): software_component, software_argument, software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.57+CVE-2022-34473
09/30/20226.36.0Mozilla Firefox HTML Sanitizer unknown vulnerability(28): software_component, software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, exploit_price_0dayNot DefinedOfficial Fix1.48+CVE-2022-34475
09/30/20224.34.1Mozilla Firefox MediaError Message information exposure(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.32+CVE-2022-34477
09/30/20224.34.1Mozilla Firefox lg_init uninitialized pointer(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix1.20+CVE-2022-34480
09/30/20226.36.0Mozilla Firefox Object Prototype code injection(31): software_component, software_type, vulnerability_cwe, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_av, vulnerability_cvss3_vuldb_ac, vulnerability_cvss3_vuldb_pr, vulnerability_cvss3_vuldb_ui, vulnerability_cvss3_vuldb_s, vulnerability_cvss3_vuldb_c, vulnerability_cvss3_vuldb_i, vulnerability_cvss3_vuldb_a, vulnerability_cvss3_vuldb_e, vulnerability_cvss3_vuldb_rl, vulnerability_cvss3_vuldb_rc, advisory_via, advisory_person_name, exploit_price_0dayNot DefinedOfficial Fix0.69+CVE-2022-2200
09/30/20226.36.0Mozilla Firefox Microsoft Protocol access control(17): software_type, vulnerability_cvss2_vuldb_basescore, vulnerability_cvss2_vuldb_tempscore, vulnerability_cvss2_vuldb_av, vulnerability_cvss2_vuldb_ac, vulnerability_cvss2_vuldb_au, vulnerability_cvss2_vuldb_ci, vulnerability_cvss2_vuldb_ii, vulnerability_cvss2_vuldb_ai, vulnerability_cvss2_vuldb_e, vulnerability_cvss2_vuldb_rl, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss3_vuldb_basescore, vulnerability_cvss3_vuldb_tempscore, vulnerability_cvss3_vuldb_e, exploit_price_0dayNot DefinedOfficial Fix0.82+CVE-2022-34478

4034 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!