Live-Hack-CVE/CVE-2022-44534 A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete sy CVE project by @Sn0wAlice Create: 2023-01-12 04:00:14 +0000 UTC Push: 2023-01-12 04:00:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-44535 A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote low-privileged authenticated users to escalate their privileges to those of an administrative user. A successful exploit could allow an attacker to achieve administrative privilege on the web-management interfa CVE project by @Sn0wAlice Create: 2023-01-12 04:00:09 +0000 UTC Push: 2023-01-12 04:00:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-4885 A vulnerability has been found in sviehb jefferson up to 0.3 and classified as critical. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. Upgrading to version 0.4 is able to address this issue. The name of the patc CVE project by @Sn0wAlice Create: 2023-01-12 03:59:59 +0000 UTC Push: 2023-01-12 04:00:02 +0000 UTC |

Live-Hack-CVE/CVE-2020-36650 A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The name of the patch is 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upg CVE project by @Sn0wAlice Create: 2023-01-12 03:59:54 +0000 UTC Push: 2023-01-12 03:59:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-47094 GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid CVE project by @Sn0wAlice Create: 2023-01-12 03:59:46 +0000 UTC Push: 2023-01-12 03:59:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-47095 GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c CVE project by @Sn0wAlice Create: 2023-01-12 03:59:42 +0000 UTC Push: 2023-01-12 03:59:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-22622 WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security gui CVE project by @Sn0wAlice Create: 2023-01-12 01:49:13 +0000 UTC Push: 2023-01-12 01:49:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-43523 Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify s CVE project by @Sn0wAlice Create: 2023-01-12 01:49:08 +0000 UTC Push: 2023-01-12 01:49:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-43527 Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victi CVE project by @Sn0wAlice Create: 2023-01-12 01:49:04 +0000 UTC Push: 2023-01-12 01:49:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-43534 A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Ma CVE project by @Sn0wAlice Create: 2023-01-12 01:49:00 +0000 UTC Push: 2023-01-12 01:49:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-43520 Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify s CVE project by @Sn0wAlice Create: 2023-01-12 01:48:55 +0000 UTC Push: 2023-01-12 01:48:59 +0000 UTC |

Live-Hack-CVE/CVE-2023-0057 Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33. CVE project by @Sn0wAlice Create: 2023-01-12 01:48:51 +0000 UTC Push: 2023-01-12 01:48:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-43521 Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify s CVE project by @Sn0wAlice Create: 2023-01-12 01:48:46 +0000 UTC Push: 2023-01-12 01:48:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-22464 ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted Vie CVE project by @Sn0wAlice Create: 2023-01-12 01:48:40 +0000 UTC Push: 2023-01-12 01:48:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-43528 Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code. Successful exploitation allows an attacker to login using only a username and password and successfully bypass MFA requirements in Aruba EdgeConnect Enterprise Orchestra CVE project by @Sn0wAlice Create: 2023-01-12 01:48:36 +0000 UTC Push: 2023-01-12 01:48:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-43535 A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with NT AUTHORITY\SYSTEM level privileges on the Windows instance in Aruba ClearPass Policy Manager version(s) CVE project by @Sn0wAlice Create: 2023-01-12 01:48:31 +0000 UTC Push: 2023-01-12 01:48:34 +0000 UTC |

Live-Hack-CVE/CVE-2022-43536 Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in CVE project by @Sn0wAlice Create: 2023-01-12 01:48:27 +0000 UTC Push: 2023-01-12 01:48:29 +0000 UTC |

Live-Hack-CVE/CVE-2013-10010 A vulnerability classified as problematic has been found in zerochplus. This affects the function PrintResList of the file test/mordor/thread.res.pl. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 9ddf9ecca8565341d8d26a3b2f64540bde4fa273. It is r CVE project by @Sn0wAlice Create: 2023-01-12 01:48:22 +0000 UTC Push: 2023-01-12 01:48:25 +0000 UTC |

Live-Hack-CVE/CVE-2022-46174 efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying CVE project by @Sn0wAlice Create: 2023-01-12 01:48:18 +0000 UTC Push: 2023-01-12 01:48:21 +0000 UTC |

Live-Hack-CVE/CVE-2022-43537 Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in CVE project by @Sn0wAlice Create: 2023-01-12 01:48:12 +0000 UTC Push: 2023-01-12 01:48:15 +0000 UTC |