Sector Industry

Timeframe: -28 days

Default Categories (66): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Curso de tempo

Fabricante

Linux404
Microsoft138
Oracle64
Juniper30
Not Defined28

Produto

Linux Kernel404
Microsoft Windows90
Microsoft SQL Server32
Microsoft OLE DB Driver26
Juniper Junos OS26

Medidas

Official Fix786
Temporary Fix0
Workaround0
Unavailable0
Not Defined128

Explorabilidade

High6
Functional2
Proof-of-Concept26
Unproven126
Not Defined754

Tipo de acesso

Not Defined0
Physical6
Local104
Adjacent446
Network358

Autenticação

Not Defined0
High94
Low568
None252

Actividade do utilizador

Not Defined0
Required144
None770

C3BM Index

CVSSv3 Base

≤10
≤20
≤320
≤476
≤5214
≤6246
≤7124
≤8156
≤972
≤106

CVSSv3 Temp

≤10
≤20
≤320
≤480
≤5220
≤6302
≤7140
≤8120
≤926
≤106

VulDB

≤10
≤22
≤326
≤478
≤5226
≤6240
≤7120
≤8162
≤952
≤108

NVD

≤1914
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1688
≤22
≤34
≤42
≤540
≤632
≤732
≤866
≤932
≤1016

Fabricante

≤1782
≤20
≤30
≤40
≤52
≤62
≤730
≤850
≤948
≤100

Explorar 0 dia

<1k28
<2k144
<5k30
<10k458
<25k122
<50k112
<100k20
≥100k0

Explorar hoje

<1k288
<2k256
<5k172
<10k98
<25k86
<50k14
<100k0
≥100k0

Explorar o volume do mercado

IOB - Indicator of Behavior (1000)

Curso de tempo

Idioma

en812
ja94
de22
es22
pl12

País

us208
jp144
gb60
au46
de42

Actores

Mirai9
Cobalt Strike8
Bashlite4
RedLine Stealer3
BumbleBee3

Actividades

Interesse

Curso de tempo

Tipo

Operating System172
Cloud Software16
Application Server Software14
Firewall Software12
Web Server12

Fabricante

Linux166
Oracle18
Not Defined12
Microsoft10
IBM10

Produto

Linux Kernel166
Google Chrome8
Oracle Database Enterprise Edition6
cym1102 nginxWebUI6
Apache HTTP Server6

Vulnerabilidades

#VulnerabilidadeBaseTemp0dayHojeExpMasEPSSCTICVE
1Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service Negação de Serviço6.55.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000452.85CVE-2024-4292
2Nagios XI Dashlet Privilege Escalation6.35.7$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000001.30-CVE-2024-33775
3SonicWall GMS Fraca autenticação7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.34CVE-2024-29011
4Google Chrome Picture In Picture Excesso de tampão6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000001.05-CVE-2024-4331
5Google Chrome ANGLE direitos alargados6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.75CVE-2024-4058
6SonicWall GMS Policy XML External Entity6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.46CVE-2024-29010
7Microsoft Windows SmartScreen Prompt direitos alargados8.88.2$25k-$100k$25k-$100kHighOfficial Fix0.008750.88CVE-2024-29988
8The R Project RDS direitos alargados7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000450.72CVE-2024-27322
9GNU C Library iconv Excesso de tampão5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000450.42CVE-2024-2961
10Linux Kernel Netfilter nft_gc_seq_begin direitos alargados6.36.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.55CVE-2024-26925
11Google Chrome Dawn Excesso de tampão6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.63-CVE-2024-4368
12QNAP QTS/QuTS hero/QuTScloud direitos alargados9.99.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.51CVE-2024-32766
13Linux Kernel nilfs2 submit_bh_wbc Excesso de tampão8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.46-CVE-2024-26955
14Red Hat OpenShift cluster-image-registry-operator Divulgação de Informação3.53.5$5k-$25k$0-$5kNot DefinedNot Defined0.000430.21CVE-2024-4369
15iboss Secure Web Gateway Login Portal login Roteiro Cruzado de Sítios4.33.9$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000450.31CVE-2024-3378
16Linux Kernel zoned do_zone_finish Excesso de tampão8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.46-CVE-2024-26944
17Microsoft Azure Synapse Analytics direitos alargados8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.17
18Xiamen Four-Faith RMP Router Management Platform Injecção SQL6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.35CVE-2024-3688
19Linux Kernel refcount.c mac802154_llsec_key_del Excesso de tampão8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.38-CVE-2024-26961
20Linux Kernel wifi Negação de Serviço4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.30-CVE-2024-27056

IOC - Indicator of Compromise (43)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeActorTipoAceitação
12.57.122.0/24MiraipredictiveAlto
223.154.177.0/24B1txor20predictiveAlto
331.10.174.0/24MiraipredictiveAlto
431.42.185.0/24Saint BotpredictiveAlto
537.228.129.0/24BianLianpredictiveAlto
6XX.XX.XXX.X/XXXxxxxpredictiveAlto
7XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
8XX.XXX.XXX.X/XXXxxxxpredictiveAlto
9XX.XXX.XX.X/XXXxxxxxxxpredictiveAlto
10XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
11XX.XXX.XXX.X/XXXxxxxxxpredictiveAlto
12XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
13XX.XXX.X.X/XXXxxxxxxpredictiveAlto
14XX.XX.XX.X/XXXxxxxxpredictiveAlto
15XX.XXX.XXX.X/XXXxxxxxxxxxxpredictiveAlto
16XX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
17XX.XXX.XX.X/XXXxxxxx XxxxxxpredictiveAlto
18XXX.XXX.XXX.X/XXXxxxxpredictiveAlto
19XXX.XXX.XX.X/XXXxxxxxxxpredictiveAlto
20XXX.XXX.XX.X/XXXxxxxxpredictiveAlto
21XXX.XXX.X.X/XXXxxxxx XxxxxxpredictiveAlto
22XXX.XXX.X.X/XXXxxxxx XxxxxxpredictiveAlto
23XXX.XXX.XX.X/XXXxxxxpredictiveAlto
24XXX.XXX.XX.X/XXXxxxxpredictiveAlto
25XXX.XX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto
26XXX.XX.XXX.X/XXXxxxxx XxxpredictiveAlto
27XXX.XX.XX.X/XXXxxxxxxxxxxxpredictiveAlto
28XXX.XXX.XX.X/XXXxxxxxpredictiveAlto
29XXX.XX.XX.X/XXXxxxxxxxxxpredictiveAlto
30XXX.XX.XXX.X/XXXxxxxxxxx XxxxxxpredictiveAlto
31XXX.XX.XXX.X/XXXxxxxpredictiveAlto
32XXX.XXX.XX.X/XXXxxxxxx XxxxxxpredictiveAlto
33XXX.XXX.XXX.X/XXXxxxxxxpredictiveAlto
34XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
35XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
36XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
37XXX.XX.XX.X/XXXxxxxx_xxxpredictiveAlto
38XXX.XXX.XXX.X/XXXxxxpredictiveAlto
39XXX.XX.XXX.X/XXXxxxxpredictiveAlto
40XXX.XXX.XXX.X/XXXxxxx_xxxxpredictiveAlto
41XXX.XXX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto
42XXX.XXX.XXX.X/XXXxxxxxxx XxxpredictiveAlto
43XXX.XXX.XX.X/XXXxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassificaçãoVulnerabilidadesTipo de acessoTipoAceitação
1T1006CAPEC-126CWE-22, CWE-35Path TraversalpredictiveAlto
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
3T1059CAPEC-137CWE-88, CWE-94, CWE-1321Argument InjectionpredictiveAlto
4T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
5T1068CAPEC-122CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveAlto
6TXXXX.XXXCAPEC-CWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveAlto
7TXXXX.XXXCAPEC-16CWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
8TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
9TXXXXCAPEC-1CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
10TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveAlto
11TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
12TXXXXCAPEC-102CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
13TXXXXCAPEC-37CWE-XXX, CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
14TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
15TXXXX.XXXCAPEC-CWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveAlto
16TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
17TXXXXCAPEC-464CWE-XXXXxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxxxxxxxxx Xx Xx Xxxxxxxxxxxx XxxxxpredictiveAlto
18TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
19TXXXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
20TXXXX.XXXCAPEC-CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
21TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto

IOA - Indicator of Attack (114)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorTipoAceitação
1File/adminPage/conf/reloadpredictiveAlto
2File/adminPage/conf/saveCmdpredictiveAlto
3File/adminPage/main/uploadpredictiveAlto
4File/adminPage/www/addOverpredictiveAlto
5File/CMD0/xml_modes.xmlpredictiveAlto
6File/Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState=predictiveAlto
7File/drivers/tty/serial/serial_core.cpredictiveAlto
8File/etc/passwdpredictiveMédio
9File/loginpredictiveBaixo
10File/proc/scsi/${proc_name}predictiveAlto
11File/Public/webuploader/0.1.5/server/fileupload.phppredictiveAlto
12File/Public/webuploader/0.1.5/server/fileupload2.phppredictiveAlto
13File/sys/bus/i2c/devices/i2c-2/new_devicepredictiveAlto
14File/sys/kernel/notespredictiveAlto
15File/webeditor/predictiveMédio
16Filexxx-xxxxxxx.xxxpredictiveAlto
17Filexxxxx/xxxxx/xxxxxxxxxx.xxxpredictiveAlto
18Filexxxxx/xxxxx/xxxxxxxxxxxx.xxxpredictiveAlto
19Filexxxxx/xxxxx/xxxxx.xxxpredictiveAlto
20Filexxxxx/xxxxxxxx/xxxxx.xxxpredictiveAlto
21Filexxxxx/xxxxx.xxxpredictiveAlto
22Filexxxxx/xxxxx/xxxxxxxxxx.xxxpredictiveAlto
23Filex:\xxxxxxxxpredictiveMédio
24Filexxxx_xxxxxxx.xxpredictiveAlto
25Filexxxxxx/xxxxxx_xxxxxx.xpredictiveAlto
26Filexx_xxx.xpredictiveMédio
27Filexxxxxxx/xxxxxx/xxxxxxx/xxxxxx_xxxx.xpredictiveAlto
28Filexxxxxxx/xxx/xxxx/xxx.xpredictiveAlto
29Filexxxxxxx/xxxx/xxxx_xxxx.xpredictiveAlto
30Filexxxxxxx/xxxxx/xxxxxxx/xx_xxxxxxxxx.xpredictiveAlto
31Filexxxxxxx/xxxxx/xxx-xxxxxxxxx/xxxxxxx.xpredictiveAlto
32Filexxxxxxx/xxx/xxxxxxxx/xxx/xx.xpredictiveAlto
33Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx/xxx.xpredictiveAlto
34Filexxxxxxx/xxxx/xxx/xxxxxx.xpredictiveAlto
35Filexxxxxxx/xxx/xxxxxx/xxxx/xxxx_xxxx.xpredictiveAlto
36Filexxxxxxx/xxx/xxxx/xxxxx.xpredictiveAlto
37Filexxxxxxx/xxx/xxxx/xxx.xpredictiveAlto
38Filexx/xxxxxx.xpredictiveMédio
39Filexx/xxxx/xxxxxxx.xpredictiveAlto
40Filexx/xxxxx/xxxx.xpredictiveAlto
41Filexx/xxxxxx/xxx.xpredictiveAlto
42Filexxxxxxx.xxpredictiveMédio
43FilexxxxxpredictiveBaixo
44Filexxxxx_xxxxxxpredictiveMédio
45Filexx/xxx/xxx_xx_xxx.xpredictiveAlto
46Filexxxxxxx/xxxxx/xxxxxxxxxxxx.xpredictiveAlto
47Filexxxxxxx/xxxxx/xxxxxx.xpredictiveAlto
48Filexxxx/xxxx.xpredictiveMédio
49Filexxxxx.xpredictiveBaixo
50Filexxxxxx/xxx/xxxxxx.xpredictiveAlto
51Filexxxxxx/xxx/xxxxx.xpredictiveAlto
52Filexxxxxx/xxxx_xxxxx.xpredictiveAlto
53Filexxxxxxxxxxxxx.xxxpredictiveAlto
54Filexx/xxxx.xpredictiveMédio
55Filexx/xxxxxxxx.xpredictiveAlto
56Filexxxxxxx/xxxxx/xxxxxx/xxxxxx.xxxpredictiveAlto
57Filexxx/xxxxxx/xx_xxxxxxxxx_xxxxx.xpredictiveAlto
58Filexxx/xxxx/xxx.xpredictiveAlto
59Filexxx/xxxxxxxxx/xx_xxxxxx_xxx.xpredictiveAlto
60Filexxxx.xpredictiveBaixo
61Filexxxx.xxxpredictiveMédio
62Filexxx.xpredictiveBaixo
63Filexxxxx/xxx/xxxx/xxxxx-xxx-xxx.xpredictiveAlto
64Filexxxxx_xxxx.xpredictiveMédio
65Filexxxx_xxxxxx.xxpredictiveAlto
66Filexxxxxx_xxxxxxxx.xxxpredictiveAlto
67Filexxxx.xxxpredictiveMédio
68Libraryxxxxx-xx.xxpredictiveMédio
69Libraryxxxx.xxxpredictiveMédio
70Libraryxxxxxxx/xxx/xxxx_xxx.xpredictiveAlto
71Libraryxxx/xxxxxxxxxxxx.xpredictiveAlto
72Libraryxxx/xxxx_xxxxx.xpredictiveAlto
73Libraryxxx/xxx_xxxx.xpredictiveAlto
74Libraryxxx/xxxx_xxxxx.xpredictiveAlto
75Libraryxxx/xxxxxx.xpredictiveMédio
76Libraryxxx/xxxxxxxx.xpredictiveAlto
77Libraryxxx/xxx_xxxxxxx.xpredictiveAlto
78Libraryxxx/xxxxxxxxxxx.xpredictiveAlto
79Libraryxxx/xxxxxxxx.xpredictiveAlto
80Libraryxxxxxxxx.xxxpredictiveMédio
81Libraryxxxx-xxxxxx.xxxpredictiveAlto
82ArgumentxxxxxxpredictiveBaixo
83ArgumentxxxxpredictiveBaixo
84ArgumentxxxxxxxxxxxxxxxxpredictiveAlto
85Argumentxxxxxxxxxxxxx/xxxxxxxxxpredictiveAlto
86ArgumentxxxxxxxxpredictiveMédio
87ArgumentxxxpredictiveBaixo
88ArgumentxxxpredictiveBaixo
89ArgumentxxxxxxxpredictiveBaixo
90Argumentxxxxxxx_xxxxpredictiveMédio
91ArgumentxxxxpredictiveBaixo
92Argumentxxx_xxxx/xx_xxx_xxxxpredictiveAlto
93ArgumentxxxxxxxpredictiveBaixo
94ArgumentxxxxpredictiveBaixo
95ArgumentxxpredictiveBaixo
96Argumentxx/xxx/xxxxxpredictiveMédio
97ArgumentxxxxxpredictiveBaixo
98Argumentxxx_xxxxxxxpredictiveMédio
99ArgumentxxxxxxxxpredictiveMédio
100ArgumentxxxxxxxxxpredictiveMédio
101Argumentxxxxxxx_xxxxx_xxxxxxpredictiveAlto
102ArgumentxxxxxxxpredictiveBaixo
103ArgumentxxxxxpredictiveBaixo
104ArgumentxxxxxxxxxxxpredictiveMédio
105ArgumentxxxxpredictiveBaixo
106Argumentxxxx/xxxxxxxxpredictiveAlto
107ArgumentxxxxxxxxpredictiveMédio
108Argumentxx_xxxxxpredictiveMédio
109Argumentxxxxxx xxxxxpredictiveMédio
110Argumentxxxx_xxxxxpredictiveMédio
111Argumentxxxx_xxxxpredictiveMédio
112Argumentx-xxxxxxxxx-xxxpredictiveAlto
113Argumentxxx_xx_xxx_xxxxpredictiveAlto
114Input ValuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxpredictiveAlto
VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!