Live-Hack-CVE/CVE-2023-21780 3D Builder Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21781, CVE-2023-21782, CVE-2023-21783, CVE-2023-21784, CVE-2023-21785, CVE-2023-21786, CVE-2023-21787, CVE-2023-21788, CVE-2023-21789, CVE-2023-21790, CVE-2023-21791, CVE-2023-21792, CVE-2023-21793. CVE project by @Sn0wAlice Create: 2023-01-14 09:59:14 +0000 UTC Push: 2023-01-14 09:59:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-21781 3D Builder Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21780, CVE-2023-21782, CVE-2023-21783, CVE-2023-21784, CVE-2023-21785, CVE-2023-21786, CVE-2023-21787, CVE-2023-21788, CVE-2023-21789, CVE-2023-21790, CVE-2023-21791, CVE-2023-21792, CVE-2023-21793. CVE project by @Sn0wAlice Create: 2023-01-14 09:59:10 +0000 UTC Push: 2023-01-14 09:59:13 +0000 UTC |

Live-Hack-CVE/CVE-2017-10617 The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Affected releases are Juniper Networks Contrail 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2 CVE project by @Sn0wAlice Create: 2023-01-14 07:49:04 +0000 UTC Push: 2023-01-14 07:49:08 +0000 UTC |

Live-Hack-CVE/CVE-2017-10616 The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and have a combined CVSSv3 sc CVE project by @Sn0wAlice Create: 2023-01-14 07:48:59 +0000 UTC Push: 2023-01-14 07:49:03 +0000 UTC |

Live-Hack-CVE/CVE-2023-21599 Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must CVE project by @Sn0wAlice Create: 2023-01-14 07:48:54 +0000 UTC Push: 2023-01-14 07:48:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-21598 Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open CVE project by @Sn0wAlice Create: 2023-01-14 07:48:50 +0000 UTC Push: 2023-01-14 07:48:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-21597 Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:47 +0000 UTC Push: 2023-01-14 07:48:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-21596 Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:43 +0000 UTC Push: 2023-01-14 07:48:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-21595 Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:39 +0000 UTC Push: 2023-01-14 07:48:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-21594 Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:34 +0000 UTC Push: 2023-01-14 07:48:37 +0000 UTC |

Live-Hack-CVE/CVE-2022-45299 An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:30 +0000 UTC Push: 2023-01-14 07:48:33 +0000 UTC |

Live-Hack-CVE/CVE-2022-42136 Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access. That action, could lead an attacker to store arbitrary code on that files and execute RCE commands. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:24 +0000 UTC Push: 2023-01-14 07:48:29 +0000 UTC |

Live-Hack-CVE/CVE-2021-36204 Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:20 +0000 UTC Push: 2023-01-14 07:48:23 +0000 UTC |

Live-Hack-CVE/CVE-2017-20169 A vulnerability, which was classified as critical, has been found in GGGGGGGG ToN-MasterServer. Affected by this issue is some unknown functionality of the file public_html/irc_updater/svr_request_pub.php. The manipulation leads to sql injection. The name of the patch is 3a4c7e6d51bf95760820e3245e06c6e321a7168a. It is CVE project by @Sn0wAlice Create: 2023-01-14 07:48:15 +0000 UTC Push: 2023-01-14 07:48:18 +0000 UTC |

Live-Hack-CVE/CVE-2015-10042 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in Dovgalyuk AIBattle. Affected by this vulnerability is the function registerUser of the file site/procedures.php. The manipulation of the argument postLogin leads to sql injection. The name of the patch is CVE project by @Sn0wAlice Create: 2023-01-14 07:48:11 +0000 UTC Push: 2023-01-14 07:48:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-32294 ** DISPUTED ** Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). It is visible in cleartext on port UDP 514 (aka the syslog port). NOTE: a third party reports that this cannot be reproduced. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:07 +0000 UTC Push: 2023-01-14 07:48:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-46093 Hospital Management System v1.0 is vulnerable to SQL Injection. Attackers can gain administrator privileges without the need for a password. CVE project by @Sn0wAlice Create: 2023-01-14 07:48:01 +0000 UTC Push: 2023-01-14 07:48:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-21589 Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 05:38:03 +0000 UTC Push: 2023-01-14 05:38:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-21588 Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 05:37:59 +0000 UTC Push: 2023-01-14 05:38:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-21587 Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-14 05:37:55 +0000 UTC Push: 2023-01-14 05:37:57 +0000 UTC |