Live-Hack-CVE/CVE-2018-7935 There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:51 +0000 UTC Push: 2023-02-11 00:30:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-25013 An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to set the password of all frontend users. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:46 +0000 UTC Push: 2023-02-11 00:30:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-25014 An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:42 +0000 UTC Push: 2023-02-11 00:30:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-24573 Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:38 +0000 UTC Push: 2023-02-11 00:30:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-24569 Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:34 +0000 UTC Push: 2023-02-11 00:30:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-23698 Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:30 +0000 UTC Push: 2023-02-11 00:30:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-3560 A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This cou CVE project by @Sn0wAlice Create: 2023-02-11 00:30:26 +0000 UTC Push: 2023-02-11 00:30:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-24153 A command injection vulnerability in the version parameter in the function recvSlaveCloudCheckStatus of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:22 +0000 UTC Push: 2023-02-11 00:30:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-24139 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagHost parameter in the setNetworkDiag function. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:17 +0000 UTC Push: 2023-02-11 00:30:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-24140 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingNum parameter in the setNetworkDiag function. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:13 +0000 UTC Push: 2023-02-11 00:30:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-24141 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingTimeOut parameter in the setNetworkDiag function. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:08 +0000 UTC Push: 2023-02-11 00:30:11 +0000 UTC |

Live-Hack-CVE/CVE-2023-24142 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingSize parameter in the setNetworkDiag function. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:04 +0000 UTC Push: 2023-02-11 00:30:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-24144 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hour parameter in the setRebootScheCfg function. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:00 +0000 UTC Push: 2023-02-11 00:30:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-24143 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagTracertHop parameter in the setNetworkDiag function. CVE project by @Sn0wAlice Create: 2023-02-11 00:29:56 +0000 UTC Push: 2023-02-11 00:29:58 +0000 UTC |

dhina016/CVE-2022-47986 Create: 2023-02-10 21:16:42 +0000 UTC Push: 2023-02-10 21:17:09 +0000 UTC |

0xf4n9x/CVE-2023-0669 CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. Create: 2023-02-10 21:02:55 +0000 UTC Push: 2023-02-11 15:18:39 +0000 UTC |

PyterSmithDarkGhost/CVE-2023-24055-PoC-KeePass-2.5x- Create: 2023-02-10 20:04:29 +0000 UTC Push: 2023-02-10 20:04:29 +0000 UTC |

DickDock/CVE-2022-46166 CVE-2022-46166 靶场环境 Create: 2023-02-10 16:29:24 +0000 UTC Push: 2023-02-10 16:29:30 +0000 UTC |

houquanen/POC_CVE-2018-19518 Create: 2023-02-10 15:47:54 +0000 UTC Push: 2023-02-10 15:47:55 +0000 UTC |

UNICORDev/exploit-CVE-2022-25765 Exploit for CVE-2022–25765 (pdfkit) - Command Injection Create: 2023-02-10 08:50:35 +0000 UTC Push: 2023-02-24 10:29:15 +0000 UTC |