Live-Hack-CVE/CVE-2022-45913 An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via one of attributes in webmail URLs to execute arbitrary JavaScript code, leading to information disclosure. CVE project by @Sn0wAlice Create: 2023-01-07 09:51:48 +0000 UTC Push: 2023-01-07 09:51:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-45911 An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur on the Classic UI login page by injecting arbitrary JavaScript code in the username field. This occurs before the user logs into the system, which means that even if the attacker executes arbitrary JavaScript, they will not get any sensitive infor CVE project by @Sn0wAlice Create: 2023-01-07 09:51:44 +0000 UTC Push: 2023-01-07 09:51:47 +0000 UTC |

Live-Hack-CVE/CVE-2014-125053 A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to version 1.3.1 is able to address this i CVE project by @Sn0wAlice Create: 2023-01-07 09:51:36 +0000 UTC Push: 2023-01-07 09:51:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-34683 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service. CVE project by @Sn0wAlice Create: 2023-01-07 07:41:32 +0000 UTC Push: 2023-01-07 07:41:35 +0000 UTC |

Live-Hack-CVE/CVE-2022-34682 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a null-pointer dereference, which may lead to denial of service. CVE project by @Sn0wAlice Create: 2023-01-07 07:41:27 +0000 UTC Push: 2023-01-07 07:41:30 +0000 UTC |

Live-Hack-CVE/CVE-2022-34681 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler, where improper input validation of a display-related data structure may lead to denial of service. CVE project by @Sn0wAlice Create: 2023-01-07 07:41:23 +0000 UTC Push: 2023-01-07 07:41:26 +0000 UTC |

Live-Hack-CVE/CVE-2018-25068 A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The manipulation leads to insecure CVE project by @Sn0wAlice Create: 2023-01-07 07:41:19 +0000 UTC Push: 2023-01-07 07:41:22 +0000 UTC |

Live-Hack-CVE/CVE-2018-25067 A vulnerability, which was classified as critical, was found in JoomGallery up to 3.3.3. This affects an unknown part of the file administrator/components/com_joomgallery/views/config/tmpl/default.php of the component Image Sort Handler. The manipulation leads to sql injection. Upgrading to version 3.3.4 is able to add CVE project by @Sn0wAlice Create: 2023-01-07 07:41:15 +0000 UTC Push: 2023-01-07 07:41:18 +0000 UTC |

Live-Hack-CVE/CVE-2014-125052 A vulnerability was found in JervenBolleman sparql-identifiers and classified as critical. This issue affects some unknown processing of the file src/main/java/org/identifiers/db/RegistryDao.java. The manipulation leads to sql injection. The name of the patch is 44bb0db91c064e305b192fc73521d1dfd25bde52. It is recommend CVE project by @Sn0wAlice Create: 2023-01-07 07:41:11 +0000 UTC Push: 2023-01-07 07:41:13 +0000 UTC |

Live-Hack-CVE/CVE-2023-0028 Cross-site Scripting (XSS) - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+. CVE project by @Sn0wAlice Create: 2023-01-07 07:41:02 +0000 UTC Push: 2023-01-07 07:41:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-42256 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:56 +0000 UTC Push: 2023-01-07 07:40:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-42255 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:53 +0000 UTC Push: 2023-01-07 07:40:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-44939 Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:48 +0000 UTC Push: 2023-01-07 07:40:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-41613 Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to an Out-of-Bounds Read when when parsing DGN files, which may allow an attacker to crash the product, disclose sensitive information, or execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:44 +0000 UTC Push: 2023-01-07 07:40:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-40201 Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to a Stack-Based Buffer Overflow when a malformed design (DGN) file is parsed. This may allow an attacker to execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:40 +0000 UTC Push: 2023-01-07 07:40:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-2484 The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:36 +0000 UTC Push: 2023-01-07 07:40:38 +0000 UTC |

Live-Hack-CVE/CVE-2022-2483 The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:32 +0000 UTC Push: 2023-01-07 07:40:35 +0000 UTC |

Live-Hack-CVE/CVE-2022-2482 A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary code execution in the bootloader. CVE project by @Sn0wAlice Create: 2023-01-07 07:40:27 +0000 UTC Push: 2023-01-07 07:40:30 +0000 UTC |

Live-Hack-CVE/CVE-2013-10008 A vulnerability was found in sheilazpy eShop. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is e096c5849c4dc09e1074104531014a62a5413884. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB CVE project by @Sn0wAlice Create: 2023-01-07 07:40:23 +0000 UTC Push: 2023-01-07 07:40:26 +0000 UTC |

Live-Hack-CVE/CVE-2021-4294 A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to app CVE project by @Sn0wAlice Create: 2023-01-07 05:32:17 +0000 UTC Push: 2023-01-07 05:32:20 +0000 UTC |