Live-Hack-CVE/CVE-2022-34459 Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution. CVE project by @Sn0wAlice Create: 2023-02-01 15:02:00 +0000 UTC Push: 2023-02-01 15:02:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-34443 Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges. CVE project by @Sn0wAlice Create: 2023-02-01 15:01:56 +0000 UTC Push: 2023-02-01 15:01:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-34458 Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the disclosure of confidential CVE project by @Sn0wAlice Create: 2023-02-01 15:01:53 +0000 UTC Push: 2023-02-01 15:01:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-25916 Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function. CVE project by @Sn0wAlice Create: 2023-02-01 15:01:49 +0000 UTC Push: 2023-02-01 15:01:52 +0000 UTC |

Live-Hack-CVE/CVE-2022-34400 Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM. CVE project by @Sn0wAlice Create: 2023-02-01 15:01:46 +0000 UTC Push: 2023-02-01 15:01:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-25906 All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function. CVE project by @Sn0wAlice Create: 2023-02-01 15:01:42 +0000 UTC Push: 2023-02-01 15:01:44 +0000 UTC |

masahiro331/cve-2022-25927 Create: 2023-02-01 12:16:47 +0000 UTC Push: 2023-02-01 12:16:47 +0000 UTC |

Cedric1314/CVE-2022-47872 Create: 2023-02-01 10:34:19 +0000 UTC Push: 2023-02-01 10:34:19 +0000 UTC |

Live-Hack-CVE/CVE-2020-21532 fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. CVE project by @Sn0wAlice Create: 2023-02-01 09:26:00 +0000 UTC Push: 2023-02-01 09:26:03 +0000 UTC |

Live-Hack-CVE/CVE-2020-21531 fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:57 +0000 UTC Push: 2023-02-01 09:25:59 +0000 UTC |

Live-Hack-CVE/CVE-2020-21529 fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:53 +0000 UTC Push: 2023-02-01 09:25:55 +0000 UTC |

Live-Hack-CVE/CVE-2021-32280 An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:50 +0000 UTC Push: 2023-02-01 09:25:52 +0000 UTC |

Live-Hack-CVE/CVE-2022-47873 Netcad KEOS 1.0 is vulnerable to XML External Entity (XXE) resulting in SSRF with XXE (remote). CVE project by @Sn0wAlice Create: 2023-02-01 09:25:46 +0000 UTC Push: 2023-02-01 09:25:49 +0000 UTC |

Live-Hack-CVE/CVE-2019-13221 A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:43 +0000 UTC Push: 2023-02-01 09:25:45 +0000 UTC |

Live-Hack-CVE/CVE-2019-13223 A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:39 +0000 UTC Push: 2023-02-01 09:25:41 +0000 UTC |

Live-Hack-CVE/CVE-2019-13222 An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:36 +0000 UTC Push: 2023-02-01 09:25:38 +0000 UTC |

Live-Hack-CVE/CVE-2019-13219 A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:32 +0000 UTC Push: 2023-02-01 09:25:34 +0000 UTC |

Live-Hack-CVE/CVE-2019-13218 Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:28 +0000 UTC Push: 2023-02-01 09:25:31 +0000 UTC |

Live-Hack-CVE/CVE-2019-13220 Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:25 +0000 UTC Push: 2023-02-01 09:25:27 +0000 UTC |

Live-Hack-CVE/CVE-2018-16981 stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. CVE project by @Sn0wAlice Create: 2023-02-01 09:25:21 +0000 UTC Push: 2023-02-01 09:25:24 +0000 UTC |