Live-Hack-CVE/CVE-2023-0412 TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:43 +0000 UTC Push: 2023-02-02 02:03:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-0411 Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:40 +0000 UTC Push: 2023-02-02 02:03:42 +0000 UTC |

Live-Hack-CVE/CVE-2019-10957 Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution withi CVE project by @Sn0wAlice Create: 2023-02-02 02:03:36 +0000 UTC Push: 2023-02-02 02:03:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-25350 All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:33 +0000 UTC Push: 2023-02-02 02:03:35 +0000 UTC |

Live-Hack-CVE/CVE-2020-22327 An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS code is triggered when the administrator views the information. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:29 +0000 UTC Push: 2023-02-02 02:03:31 +0000 UTC |

Live-Hack-CVE/CVE-2018-3964 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-02 02:03:24 +0000 UTC Push: 2023-02-02 02:03:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-21192 All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join(). CVE project by @Sn0wAlice Create: 2023-02-02 02:03:21 +0000 UTC Push: 2023-02-02 02:03:23 +0000 UTC |

Live-Hack-CVE/CVE-2014-4982 LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:17 +0000 UTC Push: 2023-02-02 02:03:19 +0000 UTC |

Live-Hack-CVE/CVE-2014-4984 Déjà Vu Crescendo Sales CRM has remote SQL Injection CVE project by @Sn0wAlice Create: 2023-02-02 02:03:13 +0000 UTC Push: 2023-02-02 02:03:15 +0000 UTC |

Live-Hack-CVE/CVE-2019-14302 On Ricoh SP C250DN 1.06 devices, a debug port can be used. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:09 +0000 UTC Push: 2023-02-02 02:03:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-29843 A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:05 +0000 UTC Push: 2023-02-02 02:03:08 +0000 UTC |

Live-Hack-CVE/CVE-2019-14301 Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2). CVE project by @Sn0wAlice Create: 2023-02-02 02:03:02 +0000 UTC Push: 2023-02-02 02:03:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-29844 A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:58 +0000 UTC Push: 2023-02-02 02:03:00 +0000 UTC |

Live-Hack-CVE/CVE-2020-22452 SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:54 +0000 UTC Push: 2023-02-02 02:02:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-31704 The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:50 +0000 UTC Push: 2023-02-02 02:02:52 +0000 UTC |

Live-Hack-CVE/CVE-2022-31706 The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:46 +0000 UTC Push: 2023-02-02 02:02:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-31710 vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:42 +0000 UTC Push: 2023-02-02 02:02:45 +0000 UTC |

paulotrindadec/CVE-2019-9193 Create: 2023-02-02 00:41:15 +0000 UTC Push: 2023-02-02 00:41:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-22574 Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service. CVE project by @Sn0wAlice Create: 2023-02-01 23:52:15 +0000 UTC Push: 2023-02-01 23:52:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-22573 Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure. CVE project by @Sn0wAlice Create: 2023-02-01 23:52:11 +0000 UTC Push: 2023-02-01 23:52:13 +0000 UTC |