Live-Hack-CVE/CVE-2017-16256 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-12 07:17:45 +0000 UTC Push: 2023-01-12 07:17:48 +0000 UTC |

Live-Hack-CVE/CVE-2014-125076 A vulnerability was found in NoxxieNl Criminals. It has been classified as critical. Affected is an unknown function of the file ingame/roulette.php. The manipulation of the argument gambleMoney leads to sql injection. The name of the patch is 0a60b31271d4cbf8babe4be993d2a3a1617f0897. It is recommended to apply a patch CVE project by @Sn0wAlice Create: 2023-01-12 06:12:37 +0000 UTC Push: 2023-01-12 06:12:39 +0000 UTC |

Live-Hack-CVE/CVE-2014-125075 A vulnerability was found in gmail-servlet and classified as critical. This issue affects the function search of the file src/Model.java. The manipulation leads to sql injection. The name of the patch is 5d72753c2e95bb373aa86824939397dc25f679ea. It is recommended to apply a patch to fix this issue. The identifier VDB-2 CVE project by @Sn0wAlice Create: 2023-01-12 06:12:33 +0000 UTC Push: 2023-01-12 06:12:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-22492 ZITADEL is a combination of Auth0 and Keycloak. RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve new access tokens and refresh the user's session without the need for interacting with a UI. RefreshTokens were not invalidated when a user was locked or deactivated. The deactivated or locked user CVE project by @Sn0wAlice Create: 2023-01-12 06:12:27 +0000 UTC Push: 2023-01-12 06:12:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-22487 Flarum is a forum software for building communities. Using the mentions feature provided by the flarum/mentions extension, users can mention any post ID on the forum with the special `@"<username>"#p<id>` syntax. The following behavior never changes no matter if the actor should be able to read the mentioned post or no CVE project by @Sn0wAlice Create: 2023-01-12 06:12:23 +0000 UTC Push: 2023-01-12 06:12:26 +0000 UTC |

Live-Hack-CVE/CVE-2022-34684 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure. CVE project by @Sn0wAlice Create: 2023-01-12 06:12:19 +0000 UTC Push: 2023-01-12 06:12:21 +0000 UTC |

Live-Hack-CVE/CVE-2022-42254 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure. CVE project by @Sn0wAlice Create: 2023-01-12 06:12:13 +0000 UTC Push: 2023-01-12 06:12:17 +0000 UTC |

Live-Hack-CVE/CVE-2015-10015 A vulnerability, which was classified as critical, has been found in glidernet ogn-live. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is bc0f19965f760587645583b7624d66a260946e01. It is recommended to apply a patch to fix this issue. The associated identifier CVE project by @Sn0wAlice Create: 2023-01-12 06:12:09 +0000 UTC Push: 2023-01-12 06:12:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-42260 NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. CVE project by @Sn0wAlice Create: 2023-01-12 06:12:05 +0000 UTC Push: 2023-01-12 06:12:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-42261 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. CVE project by @Sn0wAlice Create: 2023-01-12 06:12:00 +0000 UTC Push: 2023-01-12 06:12:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-42262 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. CVE project by @Sn0wAlice Create: 2023-01-12 06:11:56 +0000 UTC Push: 2023-01-12 06:11:58 +0000 UTC |

Live-Hack-CVE/CVE-2022-42263 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure. CVE project by @Sn0wAlice Create: 2023-01-12 06:11:52 +0000 UTC Push: 2023-01-12 06:11:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-42264 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service. CVE project by @Sn0wAlice Create: 2023-01-12 06:11:47 +0000 UTC Push: 2023-01-12 06:11:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-47087 GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c CVE project by @Sn0wAlice Create: 2023-01-12 06:11:35 +0000 UTC Push: 2023-01-12 06:11:38 +0000 UTC |

emotest1/cve_2023_0110 Create: 2023-01-12 05:35:02 +0000 UTC Push: 2023-01-12 05:35:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-4457 Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's device. CVE project by @Sn0wAlice Create: 2023-01-12 04:00:40 +0000 UTC Push: 2023-01-12 04:00:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-4428 support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a crafted XML config f CVE project by @Sn0wAlice Create: 2023-01-12 04:00:36 +0000 UTC Push: 2023-01-12 04:00:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-40615 IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. CVE project by @Sn0wAlice Create: 2023-01-12 04:00:32 +0000 UTC Push: 2023-01-12 04:00:35 +0000 UTC |

Live-Hack-CVE/CVE-2022-34335 IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705. CVE project by @Sn0wAlice Create: 2023-01-12 04:00:27 +0000 UTC Push: 2023-01-12 04:00:30 +0000 UTC |

Live-Hack-CVE/CVE-2020-1631 A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. Using this vulnerability, an attacker may CVE project by @Sn0wAlice Create: 2023-01-12 04:00:23 +0000 UTC Push: 2023-01-12 04:00:26 +0000 UTC |