セクター Police

Timeframe: -28 days

Default Categories (69): Access Management Software, Android App Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Audio Processing Software, Backup Software, Big Data Software, Business Process Management Software, Calendar Software, Chat Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Learning Management Software, Mail Client Software, Mail Server Software, Messaging Software, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Operating System Utility Software, Packet Analyzer Software, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

タイムライン

ベンダー

Linux230
Apple186
Microsoft66
Google64
Not Defined58

製品

Linux Kernel230
Apple macOS90
Microsoft Windows58
Apple iOS56
Apple iPadOS56

修復

Official Fix704
Temporary Fix0
Workaround4
Unavailable0
Not Defined100

悪用可能性

High4
Functional0
Proof-of-Concept30
Unproven58
Not Defined716

アクセスベクター

Not Defined0
Physical16
Local216
Adjacent286
Network290

認証

Not Defined0
High36
Low532
None240

ユーザー操作

Not Defined0
Required186
None622

C3BM Index

CVSSv3 Base

≤10
≤26
≤328
≤4102
≤5136
≤6284
≤7152
≤872
≤922
≤106

CVSSv3 Temp

≤10
≤26
≤334
≤4104
≤5138
≤6370
≤794
≤854
≤92
≤106

VulDB

≤10
≤28
≤332
≤4120
≤5128
≤6276
≤7148
≤866
≤926
≤104

NVD

≤1808
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1700
≤20
≤30
≤42
≤516
≤616
≤720
≤832
≤914
≤108

ベンダー

≤1746
≤20
≤30
≤40
≤50
≤68
≤714
≤820
≤920
≤100

0dayエクスプロイト

<1k32
<2k176
<5k82
<10k260
<25k158
<50k72
<100k28
≥100k0

本日のエクスプロイト

<1k294
<2k208
<5k132
<10k110
<25k62
<50k2
<100k0
≥100k0

闇ツールの市場規模

IOB - Indicator of Behavior (1000)

タイムライン

言語

en760
zh60
de30
ru26
it20

国・地域

us188
cn136
de34
fr34
ru34

アクター

Cobalt Strike7
Mirai3
RedLine Stealer3
Sliver2
BumbleBee2

アクティビティ

関心

タイムライン

タイプ

Operating System64
Web Browser18
Smartphone Operating System18
Document Reader Software18
Router Operating System16

ベンダー

Apple42
Linux38
Foxit16
Not Defined16
Google12

製品

Linux Kernel38
Apple macOS20
Foxit PDF Reader16
Apple iOS14
Apple iPadOS14

脆弱性

#脆弱性BaseTemp0day本日修復CTIEPSSCVE
1Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError クロスサイトスクリプティング3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.160.00000CVE-2017-20191
2SourceCodester Online Chatting System update_room.php SQLインジェクション6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.770.00045CVE-2024-2932
3Campcodes Online Art Gallery Management System adminHome.php SQLインジェクション6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.220.00045CVE-2024-2999
4code-projects Online Book System Product.php クロスサイトスクリプティング3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.850.00045CVE-2024-3004
5Linux Kernel push-switch flush_work メモリ破損8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.900.00000CVE-2023-52629
6code-projects Online Book System Product.php SQLインジェクション6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.730.00045CVE-2024-3001
7code-projects Online Book System description.php SQLインジェクション6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.900.00045CVE-2024-3002
8code-projects Online Book System cart.php SQLインジェクション6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.690.00045CVE-2024-3003
9code-projects Online Book System index.php SQLインジェクション7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.870.00045CVE-2024-3000
10D-Link DIR-3040us A1 FTP Server メモリ破損7.37.3$5k-$25k$5k-$25kNot DefinedNot Defined1.22-0.00000CVE-2024-27619
11Apple iOS/iPadOS Web Content メモリ破損6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.550.00045CVE-2023-42950
12Apple iOS/iPadOS サービス拒否6.56.2$25k-$100k$5k-$25kNot DefinedOfficial Fix0.550.00043CVE-2023-42962
13SourceCodester Music Gallery Site 特権昇格7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.600.00045CVE-2024-2930
14jurecapuder AndroidWeatherApp Backup File androidmanifest.xml 情報の漏洩1.81.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.390.00045CVE-2024-2567
15Apple iOS/iPadOS Web Content メモリ破損4.34.1$25k-$100k$5k-$25kNot DefinedOfficial Fix0.350.00045CVE-2023-42956
16All In One WP Security & Firewall Plugin 未知の脆弱性4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.65-0.00000CVE-2024-30468
17Contest Gallery Plugin クロスサイトスクリプティング5.75.6$0-$5k$0-$5kNot DefinedNot Defined0.650.00000CVE-2024-30428
18WP Chat App Plugin Block Image Attribute クロスサイトスクリプティング3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.630.00000CVE-2024-2513
19zephyrproject-rtos Zephyr BLE メモリ破損6.16.1$0-$5k$0-$5kNot DefinedNot Defined0.530.00043CVE-2024-3077
20Apple macOS App 情報の漏洩3.33.2$0-$5k$0-$5kNot DefinedOfficial Fix0.270.00044CVE-2023-42936

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeアクタータイプ信頼度
12.57.122.0/24Miraipredictive
23.75.178.0/24Cobalt Strikepredictive
35.42.65.0/24Zusypredictive
4X.XXX.XX.X/XXXxxxxx Xxxxxxpredictive
5X.XXX.XX.X/XXXxxxxx Xxxxxxpredictive
6X.XXX.XXX.X/XXXxxxxxxxxpredictive
7X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
8X.XXX.XXX.X/XXXxxxxpredictive
9X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
10X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
11X.XXX.XXX.X/XXXxxxxxxpredictive
12X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
13XX.XXX.XXX.X/XXXxxxxxxxpredictive
14XX.XXX.XX.X/XXXxx Xxxxxpredictive
15XX.XXX.XXX.X/XXXxxxxxxpredictive
16XXX.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
17XXX.XX.XXX.X/XXXxxxxpredictive
18XXX.XX.XXX.X/XXXxxxxxxxpredictive
19XXX.XX.XX.X/XXXxxxx Xxxpredictive
20XXX.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
21XXX.XXX.XX.X/XXXxxxxpredictive
22XXX.XX.XX.X/XXXxxxxxx Xxxxxxpredictive
23XXX.XXX.XXX.X/XXXxxxx Xxxxxxxpredictive
24XXX.XX.XXX.X/XXXxxxxx Xxxpredictive
25XXX.XXX.XXX.X/XXXxxxxxx Xxxxxxxpredictive

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique脆弱性アクセスベクタータイプ信頼度
1T1006CWE-22, CWE-23Path Traversalpredictive
2T1055CWE-74Improper Neutralization of Data within XPath Expressionspredictive
3T1059.007CWE-79Cross Site Scriptingpredictive
4T1068CWE-269, CWE-274, CWE-284Execution with Unnecessary Privilegespredictive
5TXXXX.XXXCWE-XXXXxxx-xxxxx Xxxxxxxxxxxpredictive
6TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
7TXXXXCWE-XXXXxxxxxxxxx Xxxxxxpredictive
8TXXXXCWE-XXXxx Xxxxxxxxxpredictive
9TXXXXCWE-XXXXxx Xx Xxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
10TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictive
11TXXXXCWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
12TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx Xxxxxxxxpredictive
13TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictive
14TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
15TXXXX.XXXCWE-XXXXxxxxxxxpredictive
16TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
17TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx Xxxxxpredictive
18TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive
19TXXXXCWE-XXXXxxxxxxxxxx Xxxxxxpredictive

IOA - Indicator of Attack (122)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/admin/adminHome.phppredictive
2File/cart.phppredictive
3File/cgi-bin/gui.cgipredictive
4File/description.phppredictive
5File/Employer/DeleteJob.php?JobId=1predictive
6File/index.phppredictive
7File/login.phppredictive
8File/Product.phppredictive
9File/secret_coder.sqlpredictive
10File/setup.cgipredictive
11FileAccountManagerService.javapredictive
12Fileadmin/include/functions.phppredictive
13Fileadmin/update_room.phppredictive
14FileadminFormvalidation.phppredictive
15Fileandroidmanifest.xmlpredictive
16Filexxx.xpredictive
17Filexxxx/xxx/xxxxxx/xxx/xxxx.xpredictive
18Filexxxx/xxx/xxx/xxx/xxxxxx.xpredictive
19Filexxx_xxxx.xpredictive
20Filexxx_xxxxxxxx.xxpredictive
21Filexxxx.xpredictive
22Filexxxxxxxxx_xxx.xxpredictive
23Filexxx_xxx.xxpredictive
24Filexxxxxxx/xxxxxx.xxx?x=xxxx_xxxxxpredictive
25Filexxxxxxx.xxxpredictive
26Filexxxxxxx/xxxx/xxxx_xxxxxx.xpredictive
27Filexxxxxxx/xxx/xxx/xxxx_xxxxxx.xpredictive
28Filexxxxxxx/xxx/xxx/xxxxxxxx.xpredictive
29Filexxx_xx.xpredictive
30Filexxxx_xxxxx.xxxpredictive
31Filexxxxxxxxxxxxxxxxxx.xxxxpredictive
32Filexx/xxxxx/xxxxxxxxxxx.xpredictive
33Filexx/xxxxx/xxxx-xxx.xpredictive
34Filexx/xxxx/xxxxxxx_xxxxxx.xpredictive
35Filexx/xxx/xxx_xxxx.xpredictive
36Filexx/xxx/xxx_xxxxx.xpredictive
37Filexx/xxx/xxx_xxxx.xpredictive
38Filexxx.xpredictive
39Filexxx_xxx_xxxx.xpredictive
40Filexxxxxxx/xxxxx/xxxx.xpredictive
41Filexxxxx.xxxpredictive
42Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictive
43Filexx\xxxxxx\xxx\xxxxxxx\xxxxxxxx\xxxxxxx\xxxxxxxxxxxxxxxxxxx.xxxxpredictive
44Filexxxxxx/xxx/xxxxxxx.xpredictive
45Filexxxxxx.xpredictive
46Filexxxx_xx_xxxxxxx.xpredictive
47Filexxxxx.xxxpredictive
48Filexxxxx.xxxpredictive
49Filexxx_xxxxxxxxxxxxx.xpredictive
50Filexxxxxxxxxxxxxxxx.xxxxx.xxxpredictive
51Filexx/xxxx_xxxxx.xpredictive
52Filexxx/xxxx/xxx.xpredictive
53Filexxx/xxxx/xxxxxx.xpredictive
54Filexxx/xxxx/xxx_xxxxxx.xpredictive
55Filexxx/xxxx/xxxxx.xpredictive
56Filexxx/xxxxxxxxx/xx_xxxxxxxxx_xxxxxx.xpredictive
57Filexxx/xxxxxxxxx/xx_xxxxxx_xxx.xpredictive
58Filexxx/xxxxxxxxxxx/xxxx.xpredictive
59Filexxx/xxxxxx/xxxxxxxxxxxxx.xpredictive
60Filexxxxxxxxx.xpredictive
61Filexxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictive
62Filexxxxxxxxxxxx.xxxpredictive
63Filexxxxx_xxx_xxx.xpredictive
64Filexxxxx.xpredictive
65Filexxxxxxxxxxxxxxxxxxx.xxxxpredictive
66Filexxxxxxxxxxxxxxxxx.xxxpredictive
67Filexx.xpredictive
68Filexxxxx_xxxxxxxxxxxxxxxxx.xpredictive
69Filexxxxxxxxxx.xxxpredictive
70Filexxx_xxx.xxpredictive
71Filexxxxxxxxx.xxxpredictive
72Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictive
73Filexx_xxxxxxxxxxx.xpredictive
74Filexx_xxxxxxxxxxxxxxx.xpredictive
75Filexxxxxxx.xpredictive
76Filexxx.xxxxxxpredictive
77Filexxx.xpredictive
78Filexxx_xxxxxx.xpredictive
79Filexxxxxxxxxxxxxxxxxx.xxxxpredictive
80Filexxxxxxx/xx/xxxx/xxx/xxxxxx/xxxxxxxxx.xxpredictive
81Filexxxxxx.xxxpredictive
82Filexxx/xxxxxxxxxxxx:predictive
83Library/xxxxx/xxxx/xxxx/xxxx/xxx/xxx/xxxxxxxxx.xpredictive
84Libraryxxxx/xxx/xxxxxxx/xxx/xxxx.xpredictive
85Libraryxxxxxxx/xxxxx/xxx.xpredictive
86Libraryxxxxxxx/xxxxx/xxxx.xpredictive
87Libraryxxxxxxx/xxx/xxxx_xxx.xpredictive
88Libraryxxxx_xx.xxpredictive
89Libraryxxx/xxx_xxxx.xpredictive
90Libraryxxx/xxxx_xxxxx.xpredictive
91Libraryxxx/xxxxxxxx.xpredictive
92Libraryxxx/xxxx_xxxxx.xpredictive
93Libraryxxx/xxxpredictive
94Libraryxxx/xxxxxxxx.xpredictive
95Libraryxxxx.xxpredictive
96Argumentxxxxxxxxpredictive
97Argumentxxxxpredictive
98Argumentxxxxxpredictive
99Argumentxxxxxx/xxxxpredictive
100Argumentxxxxxxxxxxx/xxxxxxxxxxxxxxpredictive
101Argumentxxxxxx_xxxxpredictive
102Argumentx_xxxxpredictive
103Argumentxxpredictive
104Argumentxxpredictive
105Argumentxxxxpredictive
106Argumentxxxxxxxpredictive
107Argumentxxxx_xxxxpredictive
108Argumentxxxxx[]predictive
109Argumentxxx_xxxxxxpredictive
110Argumentxx_xxxxx_xxxxxxxpredictive
111Argumentxxxx_xxxxxx_xxxxxpredictive
112Argumentxxxxxxxpredictive
113Argumentxxxxxxxx/xxxxxxpredictive
114Argumentxxxxxxpredictive
115Argumentxxxxxxx xxxx/xxxxxxx xxxxpredictive
116Argumentxxx/xxxxxxpredictive
117Argumentxxxxxpredictive
118Argumentxxxxxpredictive
119Argumentxxxxxxxxpredictive
120Argumentxxxxxxxx/xxxxxxxxpredictive
121Argumentxxxxxxxx/xxxxxxxx/xxxxx_xxxxxxxx/xxxxx_xxxxxxxxpredictive
122Argumentxxxxxpredictive
概要

Do you want to use VulDB in your project?

Use the official API to access entries easily!