Inplex-sys/CVE-2022-47966 Create: 2023-01-23 18:45:23 +0000 UTC Push: 2023-01-23 18:45:43 +0000 UTC |

amit-pathak009/CVE-2018-6389-FIX it is the official Fix of Wordpress CVE-2018-6389. Create: 2023-01-23 17:44:16 +0000 UTC Push: 2023-01-23 17:44:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-48281 processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. CVE project by @Sn0wAlice Create: 2023-01-23 14:23:58 +0000 UTC Push: 2023-01-23 14:24:01 +0000 UTC |

Live-Hack-CVE/CVE-2023-24070 app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field. CVE project by @Sn0wAlice Create: 2023-01-23 14:23:54 +0000 UTC Push: 2023-01-23 14:23:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-23314 An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file. CVE project by @Sn0wAlice Create: 2023-01-23 14:23:50 +0000 UTC Push: 2023-01-23 14:23:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-46959 An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal. CVE project by @Sn0wAlice Create: 2023-01-23 14:23:46 +0000 UTC Push: 2023-01-23 14:23:49 +0000 UTC |

vadim-a-yegorov/CVE-2022-26766-bootstrap Create: 2023-01-23 13:48:48 +0000 UTC Push: 2023-01-23 13:48:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-0435 Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41. CVE project by @Sn0wAlice Create: 2023-01-23 07:42:40 +0000 UTC Push: 2023-01-23 07:42:42 +0000 UTC |

BLY-Coder/Python-exploit-CVE-2020-25213 Python exploit for RCE in Wordpress Create: 2023-01-23 00:54:25 +0000 UTC Push: 2023-01-23 00:54:26 +0000 UTC |

Live-Hack-CVE/CVE-2023-24058 Booked Scheduler 2.5.5 allows authenticated users to create and schedule events for any other user via a modified userId value to reservation_save.php. NOTE: 2.5.5 is a version from 2014. CVE project by @Sn0wAlice Create: 2023-01-22 19:39:04 +0000 UTC Push: 2023-01-22 19:39:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-24059 Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify files on a PC, as exploited in the wild in January 2023. CVE project by @Sn0wAlice Create: 2023-01-22 19:39:00 +0000 UTC Push: 2023-01-22 19:39:03 +0000 UTC |

Live-Hack-CVE/CVE-2023-0434 Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40. CVE project by @Sn0wAlice Create: 2023-01-22 14:13:04 +0000 UTC Push: 2023-01-22 14:13:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-24044 A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. CVE project by @Sn0wAlice Create: 2023-01-22 14:13:00 +0000 UTC Push: 2023-01-22 14:13:03 +0000 UTC |

Live-Hack-CVE/CVE-2023-23457 A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service. CVE project by @Sn0wAlice Create: 2023-01-22 14:12:56 +0000 UTC Push: 2023-01-22 14:12:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-23456 A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file. CVE project by @Sn0wAlice Create: 2023-01-22 14:12:53 +0000 UTC Push: 2023-01-22 14:12:55 +0000 UTC |

Live-Hack-CVE/CVE-2023-24056 In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE project by @Sn0wAlice Create: 2023-01-22 14:12:48 +0000 UTC Push: 2023-01-22 14:12:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-24055 ** DISPUTED ** KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that l CVE project by @Sn0wAlice Create: 2023-01-22 14:12:45 +0000 UTC Push: 2023-01-22 14:12:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-22617 A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1. CVE project by @Sn0wAlice Create: 2023-01-22 05:26:32 +0000 UTC Push: 2023-01-22 05:26:34 +0000 UTC |

Live-Hack-CVE/CVE-2023-0433 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. CVE project by @Sn0wAlice Create: 2023-01-22 02:10:26 +0000 UTC Push: 2023-01-22 02:10:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-22884 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0. CVE project by @Sn0wAlice Create: 2023-01-21 23:56:15 +0000 UTC Push: 2023-01-21 23:56:17 +0000 UTC |