Live-Hack-CVE/CVE-2022-34675 NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:18 +0000 UTC Push: 2023-01-01 00:42:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-34674 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:14 +0000 UTC Push: 2023-01-01 00:42:17 +0000 UTC |

Live-Hack-CVE/CVE-2022-34673 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:11 +0000 UTC Push: 2023-01-01 00:42:13 +0000 UTC |

Live-Hack-CVE/CVE-2022-34672 NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:08 +0000 UTC Push: 2023-01-01 00:42:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-34671 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:04 +0000 UTC Push: 2023-01-01 00:42:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-34670 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:01 +0000 UTC Push: 2023-01-01 00:42:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-34669 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that are critical to the application, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data CVE project by @Sn0wAlice Create: 2023-01-01 00:41:58 +0000 UTC Push: 2023-01-01 00:41:59 +0000 UTC |

Live-Hack-CVE/CVE-2017-20155 A vulnerability was found in Sterc Google Analytics Dashboard for MODX up to 1.0.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file core/components/analyticsdashboardwidget/elements/tpl/widget.analytics.tpl of the component Internal Search. The manipulation le CVE project by @Sn0wAlice Create: 2023-01-01 00:41:54 +0000 UTC Push: 2023-01-01 00:41:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-48195 An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best case, but (if paired with a remote end th CVE project by @Sn0wAlice Create: 2023-01-01 00:41:51 +0000 UTC Push: 2023-01-01 00:41:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-4867 Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:47 +0000 UTC Push: 2023-01-01 00:41:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-4866 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:43 +0000 UTC Push: 2023-01-01 00:41:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-4865 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:40 +0000 UTC Push: 2023-01-01 00:41:42 +0000 UTC |

Live-Hack-CVE/CVE-2022-4868 Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:37 +0000 UTC Push: 2023-01-01 00:41:39 +0000 UTC |

Live-Hack-CVE/CVE-2017-20157 A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to upgrade the affected comp CVE project by @Sn0wAlice Create: 2023-01-01 00:41:34 +0000 UTC Push: 2023-01-01 00:41:36 +0000 UTC |

Live-Hack-CVE/CVE-2017-20156 A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command injection. The name of the patch is 5f8c715d6e2cc000f621a6833f0a86a67 CVE project by @Sn0wAlice Create: 2023-01-01 00:41:30 +0000 UTC Push: 2023-01-01 00:41:32 +0000 UTC |

Live-Hack-CVE/CVE-2017-20159 A vulnerability was found in rf Keynote up to 0.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.0.0 is able to ad CVE project by @Sn0wAlice Create: 2023-01-01 00:41:27 +0000 UTC Push: 2023-01-01 00:41:29 +0000 UTC |

Live-Hack-CVE/CVE-2017-20158 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scr CVE project by @Sn0wAlice Create: 2023-01-01 00:41:24 +0000 UTC Push: 2023-01-01 00:41:26 +0000 UTC |

Live-Hack-CVE/CVE-2020-8813 graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:20 +0000 UTC Push: 2023-01-01 00:41:22 +0000 UTC |

Live-Hack-CVE/CVE-2020-25706 A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field CVE project by @Sn0wAlice Create: 2023-01-01 00:41:17 +0000 UTC Push: 2023-01-01 00:41:19 +0000 UTC |

Live-Hack-CVE/CVE-2020-23226 Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. CVE project by @Sn0wAlice Create: 2023-01-01 00:37:42 +0000 UTC Push: 2023-01-01 00:37:44 +0000 UTC |