CVE STALKER
Hot Vulnerabilities

Check which one is burning🔥🔥🔥

Weekly Ranking

HOT VULNERABILITY

Top 4 vulnerabilities

CVE-2022-34689

Windows CryptoAPI Spoofing Vulnerability.

CVE-2022-47966

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections.

CVE-2023-24055

** DISPUTED ** KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.

CVE-2022-31704

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.

How it works

We collect tweets related to vulnerabilities, then process them to create rankings and graphs.

Why CVE STALKER?

CVSS is a good measure of a vulnerability's severity. But popularity should also be considered a good barometer, because when a vulnerability becomes very popular, it is very likely to attract more attacks.
