Live-Hack-CVE/CVE-2023-21446 Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:41 +0000 UTC Push: 2023-02-18 06:12:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-24348 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:38 +0000 UTC Push: 2023-02-18 06:12:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-24349 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:35 +0000 UTC Push: 2023-02-18 06:12:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-24352 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:31 +0000 UTC Push: 2023-02-18 06:12:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21445 Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:28 +0000 UTC Push: 2023-02-18 06:12:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-24350 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:24 +0000 UTC Push: 2023-02-18 06:12:26 +0000 UTC |

eduardosantos1989/CVE-2023-22941 In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) crashes the Splunk daemon (splunkd). CVE project by @Sn0wAlice Create: 2023-02-18 05:26:05 +0000 UTC Push: 2023-02-18 05:27:43 +0000 UTC |

Live-Hack-CVE/CVE-2021-35261 File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:39 +0000 UTC Push: 2023-02-18 04:02:41 +0000 UTC |

Live-Hack-CVE/CVE-2021-33949 An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:35 +0000 UTC Push: 2023-02-18 04:02:37 +0000 UTC |

Live-Hack-CVE/CVE-2021-34182 An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:31 +0000 UTC Push: 2023-02-18 04:02:34 +0000 UTC |

Live-Hack-CVE/CVE-2021-33948 SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:28 +0000 UTC Push: 2023-02-18 04:02:30 +0000 UTC |

Live-Hack-CVE/CVE-2021-34164 Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:24 +0000 UTC Push: 2023-02-18 04:02:27 +0000 UTC |

Live-Hack-CVE/CVE-2021-33237 Cross Site Scripting vulnerability in YMFE yapo v1.9.1 allows attacker to execute arbitrary code via the remark parameter of the interface edit page. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:21 +0000 UTC Push: 2023-02-18 04:02:23 +0000 UTC |

Live-Hack-CVE/CVE-2021-33226 Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:17 +0000 UTC Push: 2023-02-18 04:02:20 +0000 UTC |

Live-Hack-CVE/CVE-2021-33983 Buffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 allows local attacker to execute arbitrary code via the fltacc execution of the error_ref_sym function. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:14 +0000 UTC Push: 2023-02-18 04:02:16 +0000 UTC |

Live-Hack-CVE/CVE-2021-33926 An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allo CVE project by @Sn0wAlice Create: 2023-02-18 04:02:09 +0000 UTC Push: 2023-02-18 04:02:11 +0000 UTC |

Live-Hack-CVE/CVE-2021-33391 An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:04 +0000 UTC Push: 2023-02-18 04:02:07 +0000 UTC |

Live-Hack-CVE/CVE-2021-32142 Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:01 +0000 UTC Push: 2023-02-18 04:02:03 +0000 UTC |

Live-Hack-CVE/CVE-2021-32441 SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:58 +0000 UTC Push: 2023-02-18 04:02:00 +0000 UTC |

Live-Hack-CVE/CVE-2021-32419 An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:53 +0000 UTC Push: 2023-02-18 04:01:55 +0000 UTC |