Neu 18.01.2022

Zeitverlauf

Typ

Produkt

Allwinner R818 SoC Android Q SDK3
China Mobile An Lianbao WF-12
Apache Log4j1
FreeBSD1
Linux Kernel1

Massnahmen

Official Fix14
Temporary Fix0
Workaround0
Unavailable0
Not Defined14

Ausnutzbarkeit

High0
Functional0
Proof-of-Concept2
Unproven0
Not Defined26

CVSSv3 Base

≤10
≤20
≤30
≤44
≤53
≤67
≤712
≤82
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤44
≤53
≤612
≤77
≤82
≤90
≤100

Exploit 0-day

<1k12
<2k4
<5k5
<10k2
<25k5
<50k0
<100k0
≥100k0

Exploit heute

<1k18
<2k4
<5k5
<10k1
<25k0
<50k0
<100k0
≥100k0
ErstelltBaseTempSchwachstelle0dayHeuteAusMasCTICVE
20:586.36.0Apache Log4j JMSSink erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.07CVE-2022-23302
20:567.87.5FreeBSD Pufferüberlauf$5k-$25k$0-$5kNot DefinedOfficial Fix0.07CVE-2021-29632
20:557.57.2Linux Kernel Unix Domain Socket File close Pufferüberlauf$5k-$25k$5k-$25kNot DefinedOfficial Fix0.24CVE-2021-4083
20:545.95.7IBM Cloud Pak for Automation Business Automation Studio erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-29872
20:486.56.4NVIDIA Shield TV nvmap erweiterte Rechte$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-34401
20:466.35.7SourceCodester Free School Management Software erweiterte Rechte$0-$5k$0-$5kProof-of-ConceptNot Defined0.03CVE-2021-46013
20:454.94.9ProfileGrid Plugin class-profile-magic-admin.php Cross Site Scripting$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2022-0233
20:443.63.6User Registration, Login & Landing Pages Plugin landing-page.php Cross Site Scripting$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2022-0232
20:433.63.6Random Banner Plugin model.php Cross Site Scripting$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2022-0210
20:426.56.5Crisp Live Chat Plugin crisp.php crisp_plugin_settings_page Cross Site Request Forgery$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2021-43353
20:414.94.9WHMCS Bridge Plugin bridge_cp.php cc_whmcs_bridge_add_admin Cross Site Scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-4074
20:396.46.3WP Import Export Plugin class-wpie-general.php wpie_process_file_download erweiterte Rechte$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2022-0236
20:386.56.5Login Signup Popup Plugin class-xoo-admin-settings.php save_settings Cross Site Request Forgery$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2022-0215
16:275.75.5Allwinner R818 SoC Android Q SDK Camera Driver cedar_dev Denial of Service$0-$5k$0-$5kNot DefinedNot Defined0.06CVE-2021-38785
16:265.75.5Allwinner R818 SoC Android Q SDK open_exec Denial of Service$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2021-38784
16:255.55.3Allwinner R818 SoC Android Q SDK Camera Driver cedar_dev Information Disclosure$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2021-38783
16:246.35.7SoftVibe SARABAN for INFOMA SQL Injection$0-$5k$0-$5kProof-of-ConceptNot Defined0.00CVE-2021-38694
16:236.36.1China Mobile An Lianbao WF-1 Web Interface set_ZRMesh erweiterte Rechte$0-$5k$0-$5kNot DefinedNot Defined0.08CVE-2021-33965
16:225.55.4Google Fuchsia Kernel mmu_flags_to_s1_pte_attr erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-22566
16:106.36.0Spipu HTML2PDF Link Tag erweiterte Rechte$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-45394
16:096.36.1China Mobile An Lianbao WF-1 Web Interface set_firewall_level erweiterte Rechte$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-33964
13:105.04.9livehelperchat Cross Site Request Forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-0245
13:096.36.0Zoho ManageEngine Desktop Central ZIP Archive schwache Authentisierung$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-44757
07:235.95.8crater-invoice crater erweiterte Rechte$0-$5k$0-$5kNot DefinedOfficial Fix0.08CVE-2022-0242
07:233.53.4FuturePress EPub.js iframe.js Cross Site Scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2021-33040
07:213.53.4Stormshield SSO Agent Installer Information Disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2022-22703
07:185.55.3Apache Knox SSO Request Parameter Redirect$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-42357
07:156.36.1IBM FileNet Content Manager Privilege Escalation$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-38965

Interested in the pricing of exploits?

See the underground prices here!