Live-Hack-CVE/CVE-2022-47747 kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs. CVE project by @Sn0wAlice Create: 2023-01-27 21:56:25 +0000 UTC Push: 2023-01-27 21:56:27 +0000 UTC |

Live-Hack-CVE/CVE-2021-44226 Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there. CVE project by @Sn0wAlice Create: 2023-01-27 19:46:17 +0000 UTC Push: 2023-01-27 19:46:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-2712 In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code. CVE project by @Sn0wAlice Create: 2023-01-27 19:46:12 +0000 UTC Push: 2023-01-27 19:46:15 +0000 UTC |

0xlilim/CVE-2021-3129 Create: 2023-01-27 18:23:05 +0000 UTC Push: 2023-01-27 18:23:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-22740 Discourse is an open source platform for community discussion. Versions prior to 3.1.0.beta1 (beta) (tests-passed) are vulnerable to Allocation of Resources Without Limits. Users can create chat drafts of an unlimited length, which can cause a denial of service by generating an excessive load on the server. Additionall CVE project by @Sn0wAlice Create: 2023-01-27 14:21:03 +0000 UTC Push: 2023-01-27 14:21:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-24060 Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have num CVE project by @Sn0wAlice Create: 2023-01-27 14:20:59 +0000 UTC Push: 2023-01-27 14:21:02 +0000 UTC |

Live-Hack-CVE/CVE-2020-36659 In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. CVE project by @Sn0wAlice Create: 2023-01-27 14:20:56 +0000 UTC Push: 2023-01-27 14:20:58 +0000 UTC |

Live-Hack-CVE/CVE-2020-36658 In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. CVE project by @Sn0wAlice Create: 2023-01-27 14:20:52 +0000 UTC Push: 2023-01-27 14:20:54 +0000 UTC |

Live-Hack-CVE/CVE-2023-0519 Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-01-27 09:47:04 +0000 UTC Push: 2023-01-27 09:47:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-0493 Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5. CVE project by @Sn0wAlice Create: 2023-01-27 09:47:00 +0000 UTC Push: 2023-01-27 09:47:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-46967 An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory. CVE project by @Sn0wAlice Create: 2023-01-27 09:46:57 +0000 UTC Push: 2023-01-27 09:46:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-46966 Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php. CVE project by @Sn0wAlice Create: 2023-01-27 09:46:53 +0000 UTC Push: 2023-01-27 09:46:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-40997 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:48 +0000 UTC Push: 2023-01-27 07:33:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-40996 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:43 +0000 UTC Push: 2023-01-27 07:33:45 +0000 UTC |

Live-Hack-CVE/CVE-2022-40995 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:39 +0000 UTC Push: 2023-01-27 07:33:41 +0000 UTC |

Live-Hack-CVE/CVE-2022-40994 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:34 +0000 UTC Push: 2023-01-27 07:33:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-40992 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:30 +0000 UTC Push: 2023-01-27 07:33:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-40991 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:25 +0000 UTC Push: 2023-01-27 07:33:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-40990 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:21 +0000 UTC Push: 2023-01-27 07:33:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-40986 Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice Create: 2023-01-27 07:33:17 +0000 UTC Push: 2023-01-27 07:33:19 +0000 UTC |