Live-Hack-CVE/CVE-2023-20916 In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for CVE project by @Sn0wAlice Create: 2023-02-02 04:18:08 +0000 UTC Push: 2023-02-02 04:18:11 +0000 UTC |

Live-Hack-CVE/CVE-2023-20919 In getStringsForPrefix of Settings.java, there is a possible prevention of package uninstallation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android CVE project by @Sn0wAlice Create: 2023-02-02 04:18:04 +0000 UTC Push: 2023-02-02 04:18:07 +0000 UTC |

motikan2010/CVE-2023-23924 Create: 2023-02-02 02:21:23 +0000 UTC Push: 2023-02-02 02:21:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-21810 All versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-02-02 02:04:11 +0000 UTC Push: 2023-02-02 02:04:13 +0000 UTC |

Live-Hack-CVE/CVE-2023-0416 GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:04:07 +0000 UTC Push: 2023-02-02 02:04:09 +0000 UTC |

Live-Hack-CVE/CVE-2023-0417 Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:04:03 +0000 UTC Push: 2023-02-02 02:04:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-0415 iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:59 +0000 UTC Push: 2023-02-02 02:04:02 +0000 UTC |

Live-Hack-CVE/CVE-2019-13767 Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:55 +0000 UTC Push: 2023-02-02 02:03:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-0413 Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:51 +0000 UTC Push: 2023-02-02 02:03:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-0414 Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:47 +0000 UTC Push: 2023-02-02 02:03:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-0412 TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:43 +0000 UTC Push: 2023-02-02 02:03:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-0411 Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:40 +0000 UTC Push: 2023-02-02 02:03:42 +0000 UTC |

Live-Hack-CVE/CVE-2019-10957 Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution withi CVE project by @Sn0wAlice Create: 2023-02-02 02:03:36 +0000 UTC Push: 2023-02-02 02:03:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-25350 All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:33 +0000 UTC Push: 2023-02-02 02:03:35 +0000 UTC |

Live-Hack-CVE/CVE-2020-22327 An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS code is triggered when the administrator views the information. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:29 +0000 UTC Push: 2023-02-02 02:03:31 +0000 UTC |

Live-Hack-CVE/CVE-2018-3964 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-02 02:03:24 +0000 UTC Push: 2023-02-02 02:03:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-21192 All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join(). CVE project by @Sn0wAlice Create: 2023-02-02 02:03:21 +0000 UTC Push: 2023-02-02 02:03:23 +0000 UTC |

Live-Hack-CVE/CVE-2014-4982 LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:17 +0000 UTC Push: 2023-02-02 02:03:19 +0000 UTC |

Live-Hack-CVE/CVE-2014-4984 Déjà Vu Crescendo Sales CRM has remote SQL Injection CVE project by @Sn0wAlice Create: 2023-02-02 02:03:13 +0000 UTC Push: 2023-02-02 02:03:15 +0000 UTC |

Live-Hack-CVE/CVE-2019-14302 On Ricoh SP C250DN 1.06 devices, a debug port can be used. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:09 +0000 UTC Push: 2023-02-02 02:03:11 +0000 UTC |