Live-Hack-CVE/CVE-2023-0221 Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:30 +0000 UTC Push: 2023-01-14 01:15:34 +0000 UTC |

Live-Hack-CVE/CVE-2019-14369 Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:25 +0000 UTC Push: 2023-01-14 01:15:28 +0000 UTC |

Live-Hack-CVE/CVE-2019-13504 There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:21 +0000 UTC Push: 2023-01-14 01:15:24 +0000 UTC |

Live-Hack-CVE/CVE-2019-17402 Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:16 +0000 UTC Push: 2023-01-14 01:15:20 +0000 UTC |

Live-Hack-CVE/CVE-2019-14370 In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:12 +0000 UTC Push: 2023-01-14 01:15:15 +0000 UTC |

Live-Hack-CVE/CVE-2018-17581 CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:07 +0000 UTC Push: 2023-01-14 01:15:11 +0000 UTC |

Live-Hack-CVE/CVE-2018-8976 In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. CVE project by @Sn0wAlice Create: 2023-01-14 01:15:03 +0000 UTC Push: 2023-01-14 01:15:06 +0000 UTC |

Live-Hack-CVE/CVE-2018-19535 In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:59 +0000 UTC Push: 2023-01-14 01:15:02 +0000 UTC |

Live-Hack-CVE/CVE-2018-19108 In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:54 +0000 UTC Push: 2023-01-14 01:14:57 +0000 UTC |

Live-Hack-CVE/CVE-2017-14864 An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:49 +0000 UTC Push: 2023-01-14 01:14:52 +0000 UTC |

Live-Hack-CVE/CVE-2017-18005 Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:44 +0000 UTC Push: 2023-01-14 01:14:47 +0000 UTC |

Live-Hack-CVE/CVE-2017-17669 There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:41 +0000 UTC Push: 2023-01-14 01:14:43 +0000 UTC |

Live-Hack-CVE/CVE-2017-11591 There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:36 +0000 UTC Push: 2023-01-14 01:14:39 +0000 UTC |

Live-Hack-CVE/CVE-2017-14862 An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:32 +0000 UTC Push: 2023-01-14 01:14:35 +0000 UTC |

Live-Hack-CVE/CVE-2018-20097 There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:28 +0000 UTC Push: 2023-01-14 01:14:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-47860 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:08:13 +0000 UTC Push: 2023-01-14 00:08:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-47859 Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:08:08 +0000 UTC Push: 2023-01-14 00:08:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-47864 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:08:03 +0000 UTC Push: 2023-01-14 00:08:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-47862 Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in ajax_represent.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:07:57 +0000 UTC Push: 2023-01-14 00:08:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-47861 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:07:52 +0000 UTC Push: 2023-01-14 00:07:56 +0000 UTC |