Live-Hack-CVE/CVE-2023-0638 A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-220018 i CVE project by @Sn0wAlice Create: 2023-02-02 19:48:59 +0000 UTC Push: 2023-02-02 19:49:01 +0000 UTC |

Live-Hack-CVE/CVE-2023-0637 A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the pub CVE project by @Sn0wAlice Create: 2023-02-02 19:48:55 +0000 UTC Push: 2023-02-02 19:48:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-0400 The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and bl CVE project by @Sn0wAlice Create: 2023-02-02 19:48:51 +0000 UTC Push: 2023-02-02 19:48:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-2546 The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wm_export AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response that will be executed i CVE project by @Sn0wAlice Create: 2023-02-02 19:48:47 +0000 UTC Push: 2023-02-02 19:48:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-43665 A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target process. An attacker can provide a malicious file to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 19:48:44 +0000 UTC Push: 2023-02-02 19:48:46 +0000 UTC |

ColdFusionX/CVE-20204-4877-CWP7 Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated) Create: 2023-02-02 19:00:32 +0000 UTC Push: 2023-02-02 19:00:33 +0000 UTC |

ColdFusionX/CVE-2022-44877-CWP7 Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated) Create: 2023-02-02 19:00:32 +0000 UTC Push: 2023-02-02 19:01:51 +0000 UTC |

Kimorea/CVE-2020-27955-LFS Create: 2023-02-02 17:28:33 +0000 UTC Push: 2023-02-02 17:28:33 +0000 UTC |

Trinadh465/linux-4.1.15_CVE-2017-1000371 Create: 2023-02-02 15:22:19 +0000 UTC Push: 2023-02-02 15:22:20 +0000 UTC |

Live-Hack-CVE/CVE-2018-3965 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-02 14:22:27 +0000 UTC Push: 2023-02-02 14:22:29 +0000 UTC |

Live-Hack-CVE/CVE-2018-3967 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-02 14:22:23 +0000 UTC Push: 2023-02-02 14:22:25 +0000 UTC |

Live-Hack-CVE/CVE-2018-3966 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-02 14:22:20 +0000 UTC Push: 2023-02-02 14:22:22 +0000 UTC |

Live-Hack-CVE/CVE-2018-3890 An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 14:22:16 +0000 UTC Push: 2023-02-02 14:22:18 +0000 UTC |

Live-Hack-CVE/CVE-2018-3934 An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 14:22:12 +0000 UTC Push: 2023-02-02 14:22:14 +0000 UTC |

Live-Hack-CVE/CVE-2018-3935 An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 14:22:09 +0000 UTC Push: 2023-02-02 14:22:11 +0000 UTC |

Live-Hack-CVE/CVE-2018-3928 An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 14:22:05 +0000 UTC Push: 2023-02-02 14:22:07 +0000 UTC |

Live-Hack-CVE/CVE-2018-3920 An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 14:22:02 +0000 UTC Push: 2023-02-02 14:22:04 +0000 UTC |

Live-Hack-CVE/CVE-2018-3910 An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerability. Alternatively, an attacker c CVE project by @Sn0wAlice Create: 2023-02-02 14:21:58 +0000 UTC Push: 2023-02-02 14:22:01 +0000 UTC |

Live-Hack-CVE/CVE-2018-3900 An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be con CVE project by @Sn0wAlice Create: 2023-02-02 14:21:55 +0000 UTC Push: 2023-02-02 14:21:57 +0000 UTC |

Live-Hack-CVE/CVE-2018-3892 An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability. CVE project by @Sn0wAlice Create: 2023-02-02 14:21:51 +0000 UTC Push: 2023-02-02 14:21:53 +0000 UTC |