Live-Hack-CVE/CVE-2022-27778 A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. CVE project by @Sn0wAlice Create: 2023-01-19 14:38:53 +0000 UTC Push: 2023-01-19 14:38:56 +0000 UTC |

Live-Hack-CVE/CVE-2013-0796 The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free o CVE project by @Sn0wAlice Create: 2023-01-19 14:38:49 +0000 UTC Push: 2023-01-19 14:38:52 +0000 UTC |

Live-Hack-CVE/CVE-2014-6417 net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. CVE project by @Sn0wAlice Create: 2023-01-19 14:38:45 +0000 UTC Push: 2023-01-19 14:38:47 +0000 UTC |

Live-Hack-CVE/CVE-2016-0991 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via u CVE project by @Sn0wAlice Create: 2023-01-19 14:38:41 +0000 UTC Push: 2023-01-19 14:38:43 +0000 UTC |

Live-Hack-CVE/CVE-2016-0988 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via u CVE project by @Sn0wAlice Create: 2023-01-19 14:38:37 +0000 UTC Push: 2023-01-19 14:38:39 +0000 UTC |

Live-Hack-CVE/CVE-2021-39174 Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in ve CVE project by @Sn0wAlice Create: 2023-01-19 14:38:32 +0000 UTC Push: 2023-01-19 14:38:35 +0000 UTC |

Live-Hack-CVE/CVE-2016-4272 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE project by @Sn0wAlice Create: 2023-01-19 14:38:28 +0000 UTC Push: 2023-01-19 14:38:31 +0000 UTC |

Live-Hack-CVE/CVE-2016-6923 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE project by @Sn0wAlice Create: 2023-01-19 14:38:24 +0000 UTC Push: 2023-01-19 14:38:27 +0000 UTC |

Live-Hack-CVE/CVE-2019-16781 In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS. CVE project by @Sn0wAlice Create: 2023-01-19 14:38:20 +0000 UTC Push: 2023-01-19 14:38:23 +0000 UTC |

Live-Hack-CVE/CVE-2015-5290 A Denial of Service vulnerability exists in ircd-ratbox 3.0.9 in the MONITOR Command Handler. CVE project by @Sn0wAlice Create: 2023-01-19 14:38:17 +0000 UTC Push: 2023-01-19 14:38:19 +0000 UTC |

Live-Hack-CVE/CVE-2016-4166 Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice Create: 2023-01-19 14:38:12 +0000 UTC Push: 2023-01-19 14:38:15 +0000 UTC |

Live-Hack-CVE/CVE-2019-20042 In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. CVE project by @Sn0wAlice Create: 2023-01-19 14:38:08 +0000 UTC Push: 2023-01-19 14:38:11 +0000 UTC |

Live-Hack-CVE/CVE-2016-6925 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice Create: 2023-01-19 14:38:04 +0000 UTC Push: 2023-01-19 14:38:07 +0000 UTC |

Live-Hack-CVE/CVE-2016-6926 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice Create: 2023-01-19 14:38:00 +0000 UTC Push: 2023-01-19 14:38:03 +0000 UTC |

Live-Hack-CVE/CVE-2016-6927 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice Create: 2023-01-19 14:37:56 +0000 UTC Push: 2023-01-19 14:37:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-27223 In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. CVE project by @Sn0wAlice Create: 2023-01-19 14:37:51 +0000 UTC Push: 2023-01-19 14:37:54 +0000 UTC |

Live-Hack-CVE/CVE-2021-40052 There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability. CVE project by @Sn0wAlice Create: 2023-01-19 14:37:45 +0000 UTC Push: 2023-01-19 14:37:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-0544 An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. CVE project by @Sn0wAlice Create: 2023-01-19 14:37:40 +0000 UTC Push: 2023-01-19 14:37:42 +0000 UTC |

SpiralBL0CK/CVE-2022-37332-RCE- CURRENTLY UNDER WORK... ALL I NEED TO IMPLEMENT IS JIT SPRAYING ..... Create: 2023-01-19 10:41:54 +0000 UTC Push: 2023-01-19 10:41:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-43393 An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:58 +0000 UTC Push: 2023-01-19 10:10:01 +0000 UTC |