Live-Hack-CVE/CVE-2022-23639 crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target CVE project by @Sn0wAlice Create: 2023-02-11 01:36:34 +0000 UTC Push: 2023-02-11 01:36:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-23066 In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. CVE project by @Sn0wAlice Create: 2023-02-11 01:36:28 +0000 UTC Push: 2023-02-11 01:36:30 +0000 UTC |

Live-Hack-CVE/CVE-2022-29793 There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. CVE project by @Sn0wAlice Create: 2023-02-11 01:36:22 +0000 UTC Push: 2023-02-11 01:36:25 +0000 UTC |

Live-Hack-CVE/CVE-2021-25263 Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process. CVE project by @Sn0wAlice Create: 2023-02-11 01:36:19 +0000 UTC Push: 2023-02-11 01:36:21 +0000 UTC |

Live-Hack-CVE/CVE-2019-19363 An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All CVE project by @Sn0wAlice Create: 2023-02-11 01:36:13 +0000 UTC Push: 2023-02-11 01:36:15 +0000 UTC |

gonzxph/CVE-2023-0748 BTCPayServer version 1.7.5 and below is vulnerable for Open Redirection attack. Create: 2023-02-11 00:32:48 +0000 UTC Push: 2023-02-11 00:41:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-22832 The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolu CVE project by @Sn0wAlice Create: 2023-02-11 00:31:19 +0000 UTC Push: 2023-02-11 00:31:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-22369 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-25011. Reason: This candidate is a duplicate of CVE-2023-25011. Notes: All CVE users should reference CVE-2023-25011 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE project by @Sn0wAlice Create: 2023-02-11 00:31:15 +0000 UTC Push: 2023-02-11 00:31:17 +0000 UTC |

Live-Hack-CVE/CVE-2022-34454 Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. CVE project by @Sn0wAlice Create: 2023-02-11 00:31:11 +0000 UTC Push: 2023-02-11 00:31:13 +0000 UTC |

Live-Hack-CVE/CVE-2022-34452 PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs. CVE project by @Sn0wAlice Create: 2023-02-11 00:31:06 +0000 UTC Push: 2023-02-11 00:31:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-22549 Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials. CVE project by @Sn0wAlice Create: 2023-02-11 00:31:02 +0000 UTC Push: 2023-02-11 00:31:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-24410 Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:58 +0000 UTC Push: 2023-02-11 00:31:01 +0000 UTC |

Live-Hack-CVE/CVE-2023-0774 A vulnerability has been found in SourceCodester Medical Certificate Generator App 1.0 and classified as critical. This vulnerability affects unknown code of the file action.php. The manipulation of the argument lastname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the CVE project by @Sn0wAlice Create: 2023-02-11 00:30:55 +0000 UTC Push: 2023-02-11 00:30:57 +0000 UTC |

Live-Hack-CVE/CVE-2018-7935 There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:51 +0000 UTC Push: 2023-02-11 00:30:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-25013 An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to set the password of all frontend users. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:46 +0000 UTC Push: 2023-02-11 00:30:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-25014 An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:42 +0000 UTC Push: 2023-02-11 00:30:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-24573 Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:38 +0000 UTC Push: 2023-02-11 00:30:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-24569 Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:34 +0000 UTC Push: 2023-02-11 00:30:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-23698 Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. CVE project by @Sn0wAlice Create: 2023-02-11 00:30:30 +0000 UTC Push: 2023-02-11 00:30:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-3560 A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This cou CVE project by @Sn0wAlice Create: 2023-02-11 00:30:26 +0000 UTC Push: 2023-02-11 00:30:28 +0000 UTC |