القطاع Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

التسلسل الزمني

المجهز

منتج

Linux Kernel368
HDF532
Mozilla Firefox22
Oracle MySQL Server22
Google Android18

معالجة

Official Fix670
Temporary Fix0
Workaround2
Unavailable0
Not Defined160

قابلية الاستغلال

High2
Functional0
Proof-of-Concept12
Unproven0
Not Defined818

متجه الوصول

Not Defined0
Physical2
Local92
Adjacent420
Network318

توثيق

Not Defined0
High62
Low576
None194

تفاعل المستخدم

Not Defined0
Required122
None710

C3BM Index

CVSSv3 Base

≤10
≤20
≤328
≤494
≤5210
≤6282
≤7106
≤894
≤912
≤106

CVSSv3 Temp

≤10
≤20
≤328
≤496
≤5208
≤6326
≤788
≤870
≤910
≤106

VulDB

≤10
≤20
≤336
≤496
≤5210
≤6270
≤7112
≤894
≤96
≤108

NVD

≤1832
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1610
≤20
≤38
≤420
≤536
≤658
≤720
≤852
≤922
≤106

المجهز

≤1832
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

إكسبلويت ذات هجوم فوري

<1k46
<2k188
<5k26
<10k404
<25k134
<50k32
<100k2
≥100k0

إكسبلويت اليوم

<1k352
<2k208
<5k172
<10k60
<25k40
<50k0
<100k0
≥100k0

حجم سوق الإكسبلويت

IOB - Indicator of Behavior (1000)

التسلسل الزمني

اللغة

en688
ja82
zh68
de56
es42

البلد

us206
jp106
cn98
de58
fr44

الفاعلين

النشاطات

الاهتمام

التسلسل الزمني

النوع

المجهز

منتج

Linux Kernel74
Google Android16
Foxit PDF Reader12
Samsung Mobile Devices12
Google Chrome8

الثغرات

#الثغرةBaseTemp0dayاليومق�معالجةEPSSCTICVE
1Google Chrome HTML Page تلف الذاكرة6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000432.25CVE-2024-4671
2Microsoft Edge Remote Code Execution5.95.7$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000431.35CVE-2024-30055
3Contemporary Control System BASrouter BACnet BASRT-B Application Protocol Data Unit الحرمان من الخدمة7.56.6$0-$5k$0-$5kProof-of-ConceptWorkaround0.000002.65-CVE-2024-4791
4vercel next.js تجاوز الصلاحيات6.46.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000450.49CVE-2024-34351
5Red Hat Migration Toolkit for Containers Registry Remote Code Execution7.97.9$5k-$25k$5k-$25kNot DefinedNot Defined0.000430.58CVE-2024-3727
6GNU C Library iconv تلف الذاكرة5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.13CVE-2024-2961
7Synaptics Fingerprint Driver SynHsaService الحرمان من الخدمة5.55.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.58-CVE-2023-5447
8Google Android Health Data تجاوز الصلاحيات5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.09CVE-2024-23706
9IBM Security Guardium Local Privilege Escalation7.87.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.54CVE-2023-47712
10F5 BIG-IP Next Central Manager حقن إس كيو إل7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.22CVE-2024-26026
11Google Chrome WebAudio تلف الذاكرة6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.14CVE-2024-4559
12PostgreSQL pg_stats_ext_exprs تجاوز الصلاحيات3.13.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.05CVE-2024-4317
13D-Link DIR-619L boa تلف الذاكرة6.56.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.31CVE-2024-33773
14F5 BIG-IP Next Central Manager API حقن إس كيو إل7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.14CVE-2024-21793
15PuTTY ECDSA Nonce Generation الكشف عن المعلومات3.73.6$0-$5k$0-$5kNot DefinedOfficial Fix0.001670.09CVE-2024-31497
16Google Chrome ANGLE تلف الذاكرة6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.00CVE-2024-4558
17vercel next.js HTTP Request تجاوز الصلاحيات6.46.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.09CVE-2024-34350
18IBM Security Guardium تجاوز الصلاحيات2.72.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.41CVE-2023-47711
19Google Go net Lookup الحرمان من الخدمة5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000450.12CVE-2024-24788
20IBM Security Guardium Request تجاوز الصلاحيات8.18.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.37CVE-2023-47709

IOC - Indicator of Compromise (26)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeممثلالنوعالثقة
15.61.32.0/24FIN7predictiveعالي
223.154.177.0/24B1txor20predictiveعالي
338.180.29.0/24Cobalt Strikepredictiveعالي
4XX.XX.X.X/XXXxxxxxxxpredictiveعالي
5XX.XX.XXX.X/XXXxxxxxxxpredictiveعالي
6XX.XX.XX.X/XXXxxxxxpredictiveعالي
7XXX.XXX.XXX.X/XXXxxxxxxxxxxxxxxpredictiveعالي
8XXX.XXX.X.X/XXXxxxxxxxxpredictiveعالي
9XXX.XXX.X.X/XXXxxxxx Xxxxxxpredictiveعالي
10XXX.XXX.X.X/XXXxxxxxxxxpredictiveعالي
11XXX.XXX.X.X/XXXxxxxx Xxxxxxpredictiveعالي
12XXX.XXX.XX.X/XXXxxxxx Xxxxxxpredictiveعالي
13XXX.XXX.XX.X/XXXxxxxx Xxxpredictiveعالي
14XXX.XXX.XX.X/XXXxxxxxxxx Xxxxxxpredictiveعالي
15XXX.XXX.XX.X/XXXxxxxpredictiveعالي
16XXX.XXX.XX.X/XXXxxxxpredictiveعالي
17XXX.XX.XX.X/XXXxxxxpredictiveعالي
18XXX.XXX.XX.X/XXXxxxxxpredictiveعالي
19XXX.XXX.XXX.X/XXXxxxxxpredictiveعالي
20XXX.XXX.XXX.X/XXXxxxxx Xxxpredictiveعالي
21XXX.XXX.XX.X/XXXxxxxpredictiveعالي
22XXX.XXX.XXX.X/XXXxxxpredictiveعالي
23XXX.XXX.XXX.X/XXXxxxxx Xxxxxxpredictiveعالي
24XXX.XXX.XXX.X/XXXxxxxxx Xxxxxxxpredictiveعالي
25XXX.XXX.XXX.X/XXXxxxxx Xxxxxxpredictiveعالي
26XXX.XXX.XX.X/XXXxxxxxpredictiveعالي

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueالفئةالثغراتمتجه الوصولالنوعالثقة
1T1006CAPEC-126CWE-22Path Traversalpredictiveعالي
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath Expressionspredictiveعالي
3T1059CAPEC-137CWE-88, CWE-94Argument Injectionpredictiveعالي
4T1059.007CAPEC-209CWE-79, CWE-80Cross Site Scriptingpredictiveعالي
5TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictiveعالي
6TXXXX.XXXCAPEC-CWE-XXXXxx Xx Xxxx-xxxxx Xxxxxxxxpredictiveعالي
7TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictiveعالي
8TXXXXCAPEC-1CWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxpredictiveعالي
9TXXXXCAPEC-108CWE-XXXxx Xxxxxxxxxpredictiveعالي
10TXXXXCAPEC-102CWE-XXXXxx Xx Xxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictiveعالي
11TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictiveعالي
12TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxpredictiveعالي
13TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx Xxxxpredictiveعالي
14TXXXX.XXXCAPEC-CWE-XXXXxxxxxxx Xxxxxx Xxxxpredictiveعالي
15TXXXX.XXXCAPEC-142CWE-XXXXxxxxxxx Xx Xxx Xxxxxxx Xx X Xxxxxxxx Xxxxxxxxpredictiveعالي
16TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictiveعالي
17TXXXXCAPEC-464CWE-XXXXxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxxxxxxxxx Xx Xx Xxxxxxxxxxxx Xxxxxpredictiveعالي
18TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictiveعالي
19TXXXXCAPEC-20CWE-XXX, CWE-XXXXxxxxxxxxxxxx Xxxxxxpredictiveعالي
20TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictiveعالي

IOA - Indicator of Attack (119)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDالفئةIndicatorالنوعالثقة
1File/API/infopredictiveمتوسط
2File/bin/boapredictiveمتوسط
3File/CMD0/xml_modes.xmlpredictiveعالي
4File/drivers/tty/serial/serial_core.cpredictiveعالي
5File/htdocs/webinc/js/bsc_sms_inbox.phppredictiveعالي
6File/proc/scsi/${proc_name}predictiveعالي
7File/Public/webuploader/0.1.5/server/fileupload.phppredictiveعالي
8File/Public/webuploader/0.1.5/server/fileupload2.phppredictiveعالي
9File/sys/bus/i2c/devices/i2c-2/new_devicepredictiveعالي
10File/u/:username/activity/reactionspredictiveعالي
11File/webeditor/predictiveمتوسط
12FileActivityManagerService.javapredictiveعالي
13Fileadmin-manage-user.phppredictiveعالي
14FileAppOpsService.javapredictiveعالي
15Filebsc_sms_inbox.phppredictiveعالي
16Filexxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveعالي
17Filexxxxxx/xxxxxx_xxxxxx.xpredictiveعالي
18Filexx_xxx.xpredictiveمتوسط
19Filexxxxxxx/xxxxxx/xxxxxxx/xxxxxx_xxxx.xpredictiveعالي
20Filexxxxxxx/xxx/xxxx/xxx.xpredictiveعالي
21Filexxxxxxx/xxxx/xxxx_xxxx.xpredictiveعالي
22Filexxxxxxx/xxxxx/xxx-xxxxxxxxx/xxxxxxx.xpredictiveعالي
23Filexxxxxxx/xxx/xxxxxxxx/xxx/xx.xpredictiveعالي
24Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx/xxx.xpredictiveعالي
25Filexxxxxxx/xxx/xxxxxx/xxxx/xxxx_xxxx.xpredictiveعالي
26Filexxxxxxx/xxx/xxxx/xxxxx.xpredictiveعالي
27Filexxxxxxx/xxx/xxxx/xxx.xpredictiveعالي
28Filexxxxxxxxx.xxxpredictiveعالي
29Filexx/xxxxxx.xpredictiveمتوسط
30Filexx/xxxx/xxxxxxx.xpredictiveعالي
31Filexx/xxxxx/xxxx.xpredictiveعالي
32Filexx/xxxxxx/xxx.xpredictiveعالي
33Filexxxxxxx.xxpredictiveمتوسط
34Filexxxxxx.xxxpredictiveمتوسط
35Filexxxxxx/xxxxxxxpredictiveعالي
36Filexxxxxx.xpredictiveمتوسط
37Filexxxxxxxxxxx.xpredictiveعالي
38Filexxxxxx.xpredictiveمتوسط
39Filexxxxxx.xpredictiveمتوسط
40Filexxxx.xpredictiveواطئ
41Filexxxx.xpredictiveواطئ
42Filexxxxxxxxx.xpredictiveمتوسط
43Filexxxx.xpredictiveواطئ
44Filexxxxxxxx.xpredictiveمتوسط
45Filexxxxxxxxx.xpredictiveمتوسط
46Filexxxxxxxx.xpredictiveمتوسط
47Filexxxxxxxx.xpredictiveمتوسط
48Filexxx.xpredictiveواطئ
49Filexxxxxxx.xpredictiveمتوسط
50Filexxxxxxxxx.xpredictiveمتوسط
51Filexxxxxx.xpredictiveمتوسط
52Filexxxx.xpredictiveواطئ
53Filexxxxxxx.xpredictiveمتوسط
54Filexx/xxxxxx/xxxxxx-xxx.xpredictiveعالي
55Filexxxxxxx/xxxxx/xxxxxxxxxxxx.xpredictiveعالي
56Filexxxxxxx/xxxxx/xxxx.xpredictiveعالي
57Filexxxx/xxxx.xpredictiveمتوسط
58Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveعالي
59Filexxxxxx/xxx/xxxxxx.xpredictiveعالي
60Filexxxxxx/xxxx_xxxxx.xpredictiveعالي
61Filexxxxxxxxxxxxx.xxxpredictiveعالي
62Filexxxxx.xxpredictiveمتوسط
63Filexxxxx.xxxpredictiveمتوسط
64Filexx/xxxx.xpredictiveمتوسط
65Filexx/xxxxxxxx.xpredictiveعالي
66Filexxxxxx/xxxxxxxxxxx.xxpredictiveعالي
67Filexxxxxxx/xxxxx/xxxxxx/xxxxxx.xxxpredictiveعالي
68Filexxx-xxxpredictiveواطئ
69Filexxx/xxxxxx/xx_xxxxxxxxx_xxxxx.xpredictiveعالي
70Filexxx/xxxx/xxx.xpredictiveعالي
71Filexxx/xxxx/xxxx.xpredictiveعالي
72Filexxx/xxxxxxxxx/xx_xxxxxx_xxx.xpredictiveعالي
73Filexxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveعالي
74Filexxx.xxpredictiveواطئ
75Filexxxx.xpredictiveواطئ
76Filexxxx.xxxpredictiveمتوسط
77Filexxx/xxxxxx.xpredictiveمتوسط
78Filexxx.xpredictiveواطئ
79Filexxxxxxxxxxxx.xxxxpredictiveعالي
80Filexxxxx_xxxx.xpredictiveمتوسط
81Filexxxxxxx_xxxx_xxxxx.xxxpredictiveعالي
82Filexxxx-xxxxxxx.xxxpredictiveعالي
83Filexxxxxx-xxxxx.xxxpredictiveعالي
84Filexxxxxx_xxxxxxxx.xxxpredictiveعالي
85Filexxxxxxxxxxxxxxxxxx.xxxxpredictiveعالي
86Filexxxxxxxxxxxxxxxxxx.xxxxpredictiveعالي
87Filexxxx.xxxpredictiveمتوسط
88Libraryxxxxx-xx.xxpredictiveمتوسط
89Libraryxxxxxxx/xxx/xxxx_xxx.xpredictiveعالي
90Libraryxxx/xxxxxxxxxxxx.xpredictiveعالي
91Libraryxxx/xxxx_xxxxx.xpredictiveعالي
92Libraryxxx/xxxx_xxxxx.xpredictiveعالي
93Libraryxxx/xxxxxx.xpredictiveمتوسط
94Libraryxxx/xxxxxxxx.xpredictiveعالي
95Libraryxxx/xxx_xxxxxxx.xpredictiveعالي
96Libraryxxx/xxxxxxxx.xpredictiveعالي
97Libraryxxxxxxxxxxxx.xxxpredictiveعالي
98Libraryxxxxx/xxx/xxxxxxx_xxx.xpredictiveعالي
99Libraryxxxx-xxxxxx.xxxpredictiveعالي
100Argumentxxxxxxx-xxxxxxpredictiveعالي
101Argumentxxxxxxxpredictiveواطئ
102Argumentxxxpredictiveواطئ
103Argumentxxxxxxxpredictiveواطئ
104Argumentxxxxpredictiveواطئ
105Argumentxxx_xxxx/xx_xxx_xxxxpredictiveعالي
106Argumentxx/xxx/xxxxxpredictiveمتوسط
107Argumentxxxxxpredictiveواطئ
108Argumentxxx_xxxxxxxpredictiveمتوسط
109Argumentxxxxxxx_xxxxx_xxxxxxpredictiveعالي
110Argumentxxxxxpredictiveواطئ
111Argumentxxxxxxxpredictiveواطئ
112Argumentxxxxxpredictiveواطئ
113Argumentxxxx_xxpredictiveواطئ
114Argumentxxxxxxxxxpredictiveمتوسط
115Argumentxxxxxxxxpredictiveمتوسط
116Argumentxx_xxxxxpredictiveمتوسط
117Argumentxxxxxxxpredictiveواطئ
118Argumentxxx_xx_xxx_xxxxpredictiveعالي
119Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxpredictiveعالي

Do you want to use VulDB in your project?

Use the official API to access entries easily!