Live-Hack-CVE/CVE-2022-46478 The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data. CVE project by @Sn0wAlice Create: 2023-01-13 14:14:00 +0000 UTC Push: 2023-01-13 14:14:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-46471 Online Health Care System v1.0 was discovered to contain a SQL injection vulnerability via the consulting_id parameter at /healthcare/Admin/consulting_detail.php. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:57 +0000 UTC Push: 2023-01-13 14:13:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-42275 NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:53 +0000 UTC Push: 2023-01-13 14:13:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-42274 NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:49 +0000 UTC Push: 2023-01-13 14:13:52 +0000 UTC |

Live-Hack-CVE/CVE-2022-3161 The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:45 +0000 UTC Push: 2023-01-13 14:13:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-3160 The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:42 +0000 UTC Push: 2023-01-13 14:13:44 +0000 UTC |

Live-Hack-CVE/CVE-2022-3159 The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:38 +0000 UTC Push: 2023-01-13 14:13:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-0237 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:34 +0000 UTC Push: 2023-01-13 14:13:36 +0000 UTC |

Live-Hack-CVE/CVE-2023-0235 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:30 +0000 UTC Push: 2023-01-13 14:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-21191 Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function. CVE project by @Sn0wAlice Create: 2023-01-13 14:13:26 +0000 UTC Push: 2023-01-13 14:13:28 +0000 UTC |

Anthonyc3rb3ru5/CVE-2022-46169 Exploit to CVE-2022-46169 vulnerability Create: 2023-01-13 13:37:56 +0000 UTC Push: 2023-01-13 13:37:56 +0000 UTC |

momika233/CVE-2022-3656 Create: 2023-01-13 11:26:14 +0000 UTC Push: 2023-01-13 11:26:15 +0000 UTC |

SmallTown123/Details-for-CVE-2022-46505 MatrixSSL session resume bug Create: 2023-01-13 10:39:50 +0000 UTC Push: 2023-01-13 10:39:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-22417 A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventual CVE project by @Sn0wAlice Create: 2023-01-13 09:46:35 +0000 UTC Push: 2023-01-13 09:46:38 +0000 UTC |

Live-Hack-CVE/CVE-2023-22416 A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. CVE project by @Sn0wAlice Create: 2023-01-13 09:46:30 +0000 UTC Push: 2023-01-13 09:46:34 +0000 UTC |

Live-Hack-CVE/CVE-2023-22415 An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all MX Series and SRX Series platform, when H.323 ALG is enabled and specific H.323 packets are received simultaneously, a flow processing daemon (flo CVE project by @Sn0wAlice Create: 2023-01-13 09:46:26 +0000 UTC Push: 2023-01-13 09:46:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-22414 A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. On all Junos PTX Series and QFX10000 Ser CVE project by @Sn0wAlice Create: 2023-01-13 09:46:22 +0000 UTC Push: 2023-01-13 09:46:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-22413 An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an IPsec6 tunnel, the Mul CVE project by @Sn0wAlice Create: 2023-01-13 09:46:18 +0000 UTC Push: 2023-01-13 09:46:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-22412 An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will c CVE project by @Sn0wAlice Create: 2023-01-13 09:46:14 +0000 UTC Push: 2023-01-13 09:46:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-22411 An Out-of-Bounds Write vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-application filter which will CVE project by @Sn0wAlice Create: 2023-01-13 09:46:09 +0000 UTC Push: 2023-01-13 09:46:13 +0000 UTC |