Live-Hack-CVE/CVE-2021-37374 ** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Clip all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates t CVE project by @Sn0wAlice Create: 2023-02-14 02:06:24 +0000 UTC Push: 2023-02-14 02:06:26 +0000 UTC |

Live-Hack-CVE/CVE-2022-45725 Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request CVE project by @Sn0wAlice Create: 2023-02-13 23:54:53 +0000 UTC Push: 2023-02-13 23:54:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-45724 Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests. CVE project by @Sn0wAlice Create: 2023-02-13 23:54:49 +0000 UTC Push: 2023-02-13 23:54:51 +0000 UTC |

Live-Hack-CVE/CVE-2021-37315 Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the source for COPY and MOVE operations. CVE project by @Sn0wAlice Create: 2023-02-13 23:54:43 +0000 UTC Push: 2023-02-13 23:54:45 +0000 UTC |

Live-Hack-CVE/CVE-2021-37317 Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations. CVE project by @Sn0wAlice Create: 2023-02-13 23:54:36 +0000 UTC Push: 2023-02-13 23:54:38 +0000 UTC |

Live-Hack-CVE/CVE-2020-36661 A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The name of the CVE project by @Sn0wAlice Create: 2023-02-13 21:42:38 +0000 UTC Push: 2023-02-13 21:42:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-22367 Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. CVE project by @Sn0wAlice Create: 2023-02-13 21:42:31 +0000 UTC Push: 2023-02-13 21:42:34 +0000 UTC |

Live-Hack-CVE/CVE-2023-22362 SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUS CVE project by @Sn0wAlice Create: 2023-02-13 21:42:28 +0000 UTC Push: 2023-02-13 21:42:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-22360 Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. CVE project by @Sn0wAlice Create: 2023-02-13 21:42:23 +0000 UTC Push: 2023-02-13 21:42:26 +0000 UTC |

Live-Hack-CVE/CVE-2023-22353 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbit CVE project by @Sn0wAlice Create: 2023-02-13 21:42:19 +0000 UTC Push: 2023-02-13 21:42:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-22350 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitra CVE project by @Sn0wAlice Create: 2023-02-13 21:42:15 +0000 UTC Push: 2023-02-13 21:42:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-22349 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitr CVE project by @Sn0wAlice Create: 2023-02-13 21:42:11 +0000 UTC Push: 2023-02-13 21:42:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-22347 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary CVE project by @Sn0wAlice Create: 2023-02-13 21:42:07 +0000 UTC Push: 2023-02-13 21:42:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-22346 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code CVE project by @Sn0wAlice Create: 2023-02-13 21:42:04 +0000 UTC Push: 2023-02-13 21:42:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-22345 Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary CVE project by @Sn0wAlice Create: 2023-02-13 21:42:00 +0000 UTC Push: 2023-02-13 21:42:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-43460 Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted. CVE project by @Sn0wAlice Create: 2023-02-13 21:41:56 +0000 UTC Push: 2023-02-13 21:41:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-0808 A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It is possible to lau CVE project by @Sn0wAlice Create: 2023-02-13 21:41:46 +0000 UTC Push: 2023-02-13 21:41:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-25727 In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:33 +0000 UTC Push: 2023-02-13 20:31:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-24572 Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:29 +0000 UTC Push: 2023-02-13 20:31:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-23697 Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:26 +0000 UTC Push: 2023-02-13 20:31:28 +0000 UTC |