CVE STALKER

DAILY RANKING 2021-06-09

RANK
(yesterday)
NAME HEAT SCORE DESCRIPTION
👑➡️
(1)
CVE-2021-3195692Windows NTFS Elevation of Privilege Vulnerability
2➡️
(2)
CVE-2021-3195571Windows Kernel Information Disclosure Vulnerability
3⬆️
(9)
CVE-2021-3373967Microsoft DWM Core Library Elevation of Privilege Vulnerability
4
(-)
CVE-2020-3628966Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
5⬇️
(3)
CVE-2021-2198556The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
6⬆️
(10)
CVE-2021-3374243Windows MSHTML Platform Remote Code Execution Vulnerability
7
(-)
CVE-2021-2641433Windows DCOM Server Security Feature Bypass
8
(-)
CVE-2021-2844730Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.
9
(-)
CVE-2021-3055130Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
10
(-)
CVE-2021-2709428Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447.
11
(-)
CVE-2021-3119927Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31201.
12
(-)
CVE-2021-2855427N/A
13
(-)
CVE-2021-3120126Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31199.
14
(-)
CVE-2021-2790525The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.
15⬇️
(5)
CVE-2021-008921Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
16⬇️
(7)
CVE-2021-008618Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access.
17
(-)
CVE-2021-3366918Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and availability.
18
(-)
CVE-2021-2686818Windows Graphics Component Elevation of Privilege Vulnerability
19
(-)
CVE-2021-3196216Kerberos AppContainer Security Feature Bypass Vulnerability
20
(-)
CVE-2021-3194513Paint 3D Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31946, CVE-2021-31983.