Live-Hack-CVE/CVE-2019-7574 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:15 +0000 UTC Push: 2023-02-09 14:32:17 +0000 UTC |

Live-Hack-CVE/CVE-2019-7576 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). CVE project by @Sn0wAlice Create: 2023-02-09 14:32:12 +0000 UTC Push: 2023-02-09 14:32:14 +0000 UTC |

Live-Hack-CVE/CVE-2019-7636 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:08 +0000 UTC Push: 2023-02-09 14:32:10 +0000 UTC |

Live-Hack-CVE/CVE-2019-7638 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:04 +0000 UTC Push: 2023-02-09 14:32:07 +0000 UTC |

Live-Hack-CVE/CVE-2019-7635 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:01 +0000 UTC Push: 2023-02-09 14:32:03 +0000 UTC |

Live-Hack-CVE/CVE-2020-14410 SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file. CVE project by @Sn0wAlice Create: 2023-02-09 14:31:57 +0000 UTC Push: 2023-02-09 14:31:59 +0000 UTC |

Live-Hack-CVE/CVE-2021-33657 There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution. CVE project by @Sn0wAlice Create: 2023-02-09 14:31:53 +0000 UTC Push: 2023-02-09 14:31:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-4743 A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected. CVE project by @Sn0wAlice Create: 2023-02-09 14:31:49 +0000 UTC Push: 2023-02-09 14:31:52 +0000 UTC |

Live-Hack-CVE/CVE-2018-25012 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). CVE project by @Sn0wAlice Create: 2023-02-09 14:31:46 +0000 UTC Push: 2023-02-09 14:31:48 +0000 UTC |

Live-Hack-CVE/CVE-2018-25013 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). CVE project by @Sn0wAlice Create: 2023-02-09 14:31:43 +0000 UTC Push: 2023-02-09 14:31:45 +0000 UTC |

Live-Hack-CVE/CVE-2018-25014 A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). CVE project by @Sn0wAlice Create: 2023-02-09 14:31:39 +0000 UTC Push: 2023-02-09 14:31:41 +0000 UTC |

Live-Hack-CVE/CVE-2020-25659 python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext. CVE project by @Sn0wAlice Create: 2023-02-09 14:31:36 +0000 UTC Push: 2023-02-09 14:31:38 +0000 UTC |

Exploitables/CVE-2009-0824 new exploit YIPEEEE Create: 2023-02-09 14:16:56 +0000 UTC Push: 2023-02-09 14:16:58 +0000 UTC |

Live-Hack-CVE/CVE-2017-18539 The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes. CVE project by @Sn0wAlice Create: 2023-02-09 09:58:54 +0000 UTC Push: 2023-02-09 09:58:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-0669 Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. CVE project by @Sn0wAlice Create: 2023-02-09 09:58:50 +0000 UTC Push: 2023-02-09 09:58:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-0251 Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a buffer overflow through improper restrictions of operations within memory, which could allow an attacker to remotely execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-02-09 09:58:47 +0000 UTC Push: 2023-02-09 09:58:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-0250 Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-02-09 09:58:43 +0000 UTC Push: 2023-02-09 09:58:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-0249 Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-02-09 09:58:40 +0000 UTC Push: 2023-02-09 09:58:42 +0000 UTC |

Live-Hack-CVE/CVE-2023-25168 Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with `GHSA-p8r3-83r8-jwj5` to overwrite files on the host system. In order to use this exploit, an attacker must have an existing "server" alloca CVE project by @Sn0wAlice Create: 2023-02-09 09:58:29 +0000 UTC Push: 2023-02-09 09:58:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-40692 Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions. CVE project by @Sn0wAlice Create: 2023-02-09 07:47:40 +0000 UTC Push: 2023-02-09 07:47:43 +0000 UTC |