Live-Hack-CVE/CVE-2023-0781 A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects the function query of the file removeOrder.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the CVE project by @Sn0wAlice Create: 2023-02-11 23:25:04 +0000 UTC Push: 2023-02-11 23:25:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-34445 Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. CVE project by @Sn0wAlice Create: 2023-02-11 21:13:06 +0000 UTC Push: 2023-02-11 21:13:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-34444 Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. CVE project by @Sn0wAlice Create: 2023-02-11 21:13:02 +0000 UTC Push: 2023-02-11 21:13:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-34404 Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:59 +0000 UTC Push: 2023-02-11 21:13:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-34392 SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:56 +0000 UTC Push: 2023-02-11 21:12:58 +0000 UTC |

Live-Hack-CVE/CVE-2022-34389 Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:52 +0000 UTC Push: 2023-02-11 21:12:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-34388 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected appli CVE project by @Sn0wAlice Create: 2023-02-11 21:12:49 +0000 UTC Push: 2023-02-11 21:12:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-34387 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:45 +0000 UTC Push: 2023-02-11 21:12:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-34386 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:42 +0000 UTC Push: 2023-02-11 21:12:44 +0000 UTC |

Live-Hack-CVE/CVE-2022-34385 SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:38 +0000 UTC Push: 2023-02-11 21:12:41 +0000 UTC |

Live-Hack-CVE/CVE-2022-34384 Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may pot CVE project by @Sn0wAlice Create: 2023-02-11 21:12:35 +0000 UTC Push: 2023-02-11 21:12:37 +0000 UTC |

Live-Hack-CVE/CVE-2020-3299 Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulne CVE project by @Sn0wAlice Create: 2023-02-11 21:12:31 +0000 UTC Push: 2023-02-11 21:12:33 +0000 UTC |

Live-Hack-CVE/CVE-2021-1236 Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by s CVE project by @Sn0wAlice Create: 2023-02-11 21:12:27 +0000 UTC Push: 2023-02-11 21:12:29 +0000 UTC |

Live-Hack-CVE/CVE-2021-1224 Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contain CVE project by @Sn0wAlice Create: 2023-02-11 21:12:24 +0000 UTC Push: 2023-02-11 21:12:26 +0000 UTC |

Live-Hack-CVE/CVE-2021-1223 Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted CVE project by @Sn0wAlice Create: 2023-02-11 21:12:20 +0000 UTC Push: 2023-02-11 21:12:22 +0000 UTC |

Live-Hack-CVE/CVE-2021-34749 A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised ho CVE project by @Sn0wAlice Create: 2023-02-11 21:12:15 +0000 UTC Push: 2023-02-11 21:12:18 +0000 UTC |

Live-Hack-CVE/CVE-2021-40114 Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort de CVE project by @Sn0wAlice Create: 2023-02-11 21:12:12 +0000 UTC Push: 2023-02-11 21:12:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-0780 Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit prior to 2.3.9-dev. CVE project by @Sn0wAlice Create: 2023-02-11 21:12:09 +0000 UTC Push: 2023-02-11 21:12:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-4321 The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin CVE project by @Sn0wAlice Create: 2023-02-11 21:12:03 +0000 UTC Push: 2023-02-11 21:12:05 +0000 UTC |

Athishpranav2003/CVE-2022-44118 PoC Exploit for RCE vulnerability in DedeCMS v6.1.9 Create: 2023-02-11 15:29:08 +0000 UTC Push: 2023-02-11 15:29:08 +0000 UTC |