CVE STALKER
Hot Vulnerabilities

Check which one is burning🔥🔥🔥

Weekly Ranking

HOT VULNERABILITY

Top 4 vulnerabilities

CVE-2022-1388

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-22978

In Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

CVE-2022-22973

VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

How it works

We collect tweets related to vulnerabilities, then process them to create rankings and graphs.

Why CVE STALKER?

CVSS is a good measure of a vulnerability's severity, but popularity should also be considered a good barometer: when a vulnerability becomes very popular, it is very likely to attract more attacks.
