CVE STALKER

DAILY RANKING 2023-03-21

RANK
(yesterday)
NAME HEAT SCORE DESCRIPTION
👑➡️
(1)
CVE-2023-23397106Microsoft Outlook Elevation of Privilege Vulnerability
2
(-)
CVE-2023-2180035Windows Installer Elevation of Privilege Vulnerability
3
(-)
CVE-2023-2086019N/A
4
(-)
CVE-2020-3662016A vulnerability was found in Brondahl EnumStringValues 4.0.1. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.2 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability.
5
(-)
CVE-2023-152715Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0.
6
(-)
CVE-2023-154515SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
7⬇️
(4)
CVE-2022-4109914BitLocker Security Feature Bypass Vulnerability.
8⬇️
(5)
CVE-2022-2471614Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.
9
(-)
CVE-2023-153514Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7.
10
(-)
CVE-2023-153714Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
11
(-)
CVE-2023-154314Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6.
12
(-)
CVE-2023-115314Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection.This issue affects Pacsrapor: before 1.22.
13
(-)
CVE-2012-1000913A vulnerability was found in 404like Plugin up to 1.0.2. It has been classified as critical. Affected is the function checkPage of the file 404Like.php. The manipulation of the argument searchWord leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 2c4b589d27554910ab1fd104ddbec9331b540f7f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-223404.
14⬇️
(3)
CVE-2023-2341513Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
15
(-)
CVE-2023-153613Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7.
16
(-)
CVE-2023-153813Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6.
17
(-)
CVE-2023-153913Guessable CAPTCHA in GitHub repository answerdev/answer prior to 1.0.6.
18
(-)
CVE-2023-154013Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6.
19
(-)
CVE-2023-154113Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6.
20
(-)
CVE-2023-154213Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6.