CVE STALKER

DAILY RANKING 2022-12-01

| RANK | (yesterday) | NAME | HEAT SCORE | DESCRIPTION |
|---|---|---|---|---|
| 👑 | (-) | CVE-2022-4116 | 48 | A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution. |
| 2 | (-) | CVE-2017-5638 | 47 | The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. |
| 3 | (-) | CVE-2022-23093 | 42 | N/A |
| 4 | (-) | CVE-2022-3328 | 24 | N/A |
| 5 | (-) | CVE-2022-4139 | 24 | N/A |
| 6 | (-) | CVE-2022-1471 | 19 | N/A |
| 7 | (-) | CVE-2022-3270 | 18 | N/A |
| 8 ⬇️ | (1) | CVE-2022-31097 | 17 | Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting. |
| 9 | (-) | CVE-2022-30528 | 16 | N/A |
| 10 | (-) | CVE-2021-42298 | 15 | Microsoft Defender Remote Code Execution Vulnerability |
| 11 ⬇️ | (2) | CVE-2022-4020 | 14 | Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable. |
| 12 | (-) | CVE-2022-28607 | 14 | N/A |
| 13 | (-) | CVE-2022-36431 | 12 | N/A |
| 14 | (-) | CVE-2022-36960 | 12 | N/A |
| 15 | (-) | CVE-2022-3696 | 12 | N/A |
| 16 | (-) | CVE-2022-4247 | 12 | N/A |
| 17 | (-) | CVE-2022-4252 | 12 | N/A |
| 18 | (-) | CVE-2022-45050 | 12 | N/A |
| 19 | (-) | CVE-2022-37017 | 12 | N/A |
| 20 | (-) | CVE-2022-4257 | 12 | N/A |