CVE STALKER

DAILY RANKING 2021-06-19

RANK
(yesterday)
NAME HEAT SCORE DESCRIPTION
👑⬆️
(3)
CVE-2020-11110109Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
2
(-)
CVE-2021-3194522Paint 3D Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31946, CVE-2021-31983.
3⬇️
(1)
CVE-2021-3055412N/A
4
(-)
CVE-2021-316639RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.
5
(-)
CVE-2021-331859SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
6
(-)
CVE-2021-316649RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
7
(-)
CVE-2021-35609N/A
8
(-)
CVE-2021-312728SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
9
(-)
CVE-2021-316608RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.
10
(-)
CVE-2021-331868SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
11
(-)
CVE-2021-316627RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.
12
(-)
CVE-2021-316617RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information.
13
(-)
CVE-2017-159447Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
14⬆️
(16)
CVE-2021-284766Hyper-V Remote Code Execution Vulnerability
15
(-)
CVE-2021-263146Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.
16
(-)
CVE-2018-205866bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
17⬇️
(11)
CVE-2021-34496An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
18
(-)
CVE-2019-47816** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
19
(-)
CVE-2021-219856The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
20⬇️
(2)
CVE-2021-319565Windows NTFS Elevation of Privilege Vulnerability