Live-Hack-CVE/CVE-2017-20165 A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue. The name of the patch is CVE project by @Sn0wAlice Create: 2023-01-09 19:52:27 +0000 UTC Push: 2023-01-09 19:52:29 +0000 UTC |

bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad Create: 2023-01-09 19:44:09 +0000 UTC Push: 2023-01-14 12:40:47 +0000 UTC |

anldori/CVE-2017-7308 CVE-2017-7308 POC Create: 2023-01-09 17:55:20 +0000 UTC Push: 2023-01-09 17:56:23 +0000 UTC |

anldori/CVE-2017-16995 CVE-2017-16995 Linux POC Create: 2023-01-09 17:50:41 +0000 UTC Push: 2023-01-09 17:50:42 +0000 UTC |

webraybtl/CVE-2022-1068 Modbus Slave缓冲区溢出漏洞CVE-2022-1068分析与复现 Create: 2023-01-09 16:23:37 +0000 UTC Push: 2023-01-09 16:23:38 +0000 UTC |

Live-Hack-CVE/CVE-2022-43662 Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. CVE project by @Sn0wAlice Create: 2023-01-09 14:27:14 +0000 UTC Push: 2023-01-09 14:27:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-0036 platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege. CVE project by @Sn0wAlice Create: 2023-01-09 14:27:10 +0000 UTC Push: 2023-01-09 14:27:13 +0000 UTC |

Live-Hack-CVE/CVE-2023-0035 softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege. CVE project by @Sn0wAlice Create: 2023-01-09 14:27:05 +0000 UTC Push: 2023-01-09 14:27:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-45126 Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. CVE project by @Sn0wAlice Create: 2023-01-09 14:27:00 +0000 UTC Push: 2023-01-09 14:27:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-25890 All versions of the package wifey are vulnerable to Command Injection via the connect() function due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-01-09 14:26:56 +0000 UTC Push: 2023-01-09 14:26:59 +0000 UTC |

s0duku/cve-2022-31705 CVE-2022-31705(Geekpwn 2022 Vmware EHCI OOB) POC Create: 2023-01-09 12:27:15 +0000 UTC Push: 2023-01-09 12:27:15 +0000 UTC |

Arrnitage/CVE-2022-23131_exp Create: 2023-01-09 12:10:08 +0000 UTC Push: 2023-01-09 12:10:36 +0000 UTC |

Live-Hack-CVE/CVE-2021-4309 A vulnerability, which was classified as problematic, has been found in 01-Scripts 01ACP. This issue affects some unknown processing. The manipulation of the argument $_SERVER['SCRIPT_NAME'] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is a16eb7da46ed22bc61067c212635394f257 CVE project by @Sn0wAlice Create: 2023-01-09 03:26:14 +0000 UTC Push: 2023-01-09 03:26:17 +0000 UTC |

Live-Hack-CVE/CVE-2015-10031 A vulnerability classified as critical was found in purpleparrots 491-Project. This vulnerability affects unknown code of the file update.php of the component Highscore Handler. The manipulation leads to sql injection. The name of the patch is a812a5e4cf72f2a635a716086fe1ee2b8fa0b1ab. It is recommended to apply a patch CVE project by @Sn0wAlice Create: 2023-01-09 03:26:10 +0000 UTC Push: 2023-01-09 03:26:13 +0000 UTC |

Live-Hack-CVE/CVE-2016-15016 A vulnerability was found in mrtnmtth joomla_mod_einsatz_stats up to 0.2. It has been classified as critical. This affects the function getStatsByType of the file helper.php. The manipulation of the argument year leads to sql injection. Upgrading to version 0.3 is able to address this issue. The name of the patch is 27 CVE project by @Sn0wAlice Create: 2023-01-09 03:26:06 +0000 UTC Push: 2023-01-09 03:26:09 +0000 UTC |

Live-Hack-CVE/CVE-2016-15015 A vulnerability, which was classified as problematic, was found in viafintech Barzahlen Payment Module PHP SDK up to 2.0.0. Affected is the function verify of the file src/Webhook.php. The manipulation leads to observable timing discrepancy. Upgrading to version 2.0.1 is able to address this issue. The name of the patc CVE project by @Sn0wAlice Create: 2023-01-09 03:26:02 +0000 UTC Push: 2023-01-09 03:26:05 +0000 UTC |

Live-Hack-CVE/CVE-2014-125070 A vulnerability has been found in yanheven console and classified as problematic. Affected by this vulnerability is the function get_zone_hosts/AvailabilityZonesTable of the file openstack_dashboard/dashboards/admin/aggregates/tables.py. The manipulation leads to cross site scripting. The attack can be launched remotel CVE project by @Sn0wAlice Create: 2023-01-09 03:25:58 +0000 UTC Push: 2023-01-09 03:26:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-0668 JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user. CVE project by @Sn0wAlice Create: 2023-01-09 01:15:50 +0000 UTC Push: 2023-01-09 01:15:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-4881 A vulnerability was found in CapsAdmin PAC3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lua/pac3/core/shared/http.lua. The manipulation of the argument url leads to cross site scripting. The attack may be launched remotely. The name of the patch is 8fc9e12dfa21d75 CVE project by @Sn0wAlice Create: 2023-01-09 00:10:45 +0000 UTC Push: 2023-01-09 00:10:48 +0000 UTC |

Live-Hack-CVE/CVE-2018-25072 A vulnerability classified as critical has been found in lojban jbovlaste. This affects an unknown part of the file dict/listing.html. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The name of the patch is 6ff44c2e87b1113eb07d76ea62e1f64193b04d15. It is recommended to apply a CVE project by @Sn0wAlice Create: 2023-01-09 00:10:41 +0000 UTC Push: 2023-01-09 00:10:44 +0000 UTC |