Live-Hack-CVE/CVE-2015-3239 An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usage. CVE project by @Sn0wAlice Create: 2023-02-03 05:41:01 +0000 UTC Push: 2023-02-03 05:41:04 +0000 UTC |

Live-Hack-CVE/CVE-2015-3204 A flaw was discovered in the way Libreswan's IKE daemon processed certain IKEv1 payloads. A remote attacker could send specially crafted IKEv1 payloads that, when processed, would lead to a denial of service (daemon crash). CVE project by @Sn0wAlice Create: 2023-02-03 05:40:58 +0000 UTC Push: 2023-02-03 05:41:00 +0000 UTC |

Live-Hack-CVE/CVE-2015-5188 It was discovered that when uploading a file using a multipart/form-data submission to the EAP Web Console, the Console was vulnerable to Cross-Site Request Forgery (CSRF). This meant that an attacker could use the flaw together with a forgery attack to make changes to an authenticated instance. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:54 +0000 UTC Push: 2023-02-03 05:40:56 +0000 UTC |

Live-Hack-CVE/CVE-2015-5194 It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:50 +0000 UTC Push: 2023-02-03 05:40:53 +0000 UTC |

Live-Hack-CVE/CVE-2015-5195 It was found that ntpd would exit with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) was referenced by the statistics or filegen configuration command. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:47 +0000 UTC Push: 2023-02-03 05:40:49 +0000 UTC |

Live-Hack-CVE/CVE-2015-3258 A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filter processed print jobs with a specially crafted line size. An attacker able to submit print jobs could use this flaw to crash texttopdf or, possibly, execute arbitrary code with the privileges of the "lp" user. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:43 +0000 UTC Push: 2023-02-03 05:40:45 +0000 UTC |

Live-Hack-CVE/CVE-2015-5189 A race condition was found in the way the pcsd web UI backend performed authorization of user requests. An attacker could use this flaw to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more privileged user. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:38 +0000 UTC Push: 2023-02-03 05:40:41 +0000 UTC |

Live-Hack-CVE/CVE-2018-3859 An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code executio CVE project by @Sn0wAlice Create: 2023-02-03 05:40:35 +0000 UTC Push: 2023-02-03 05:40:37 +0000 UTC |

Live-Hack-CVE/CVE-2018-3871 An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:31 +0000 UTC Push: 2023-02-03 05:40:33 +0000 UTC |

Live-Hack-CVE/CVE-2018-3858 An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to exec CVE project by @Sn0wAlice Create: 2023-02-03 05:40:27 +0000 UTC Push: 2023-02-03 05:40:29 +0000 UTC |

Live-Hack-CVE/CVE-2018-3870 An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:24 +0000 UTC Push: 2023-02-03 05:40:26 +0000 UTC |

Live-Hack-CVE/CVE-2018-3860 An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability t CVE project by @Sn0wAlice Create: 2023-02-03 05:40:20 +0000 UTC Push: 2023-02-03 05:40:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-23110 An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This CVE project by @Sn0wAlice Create: 2023-02-03 05:40:16 +0000 UTC Push: 2023-02-03 05:40:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-26500 Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-02-03 05:40:12 +0000 UTC Push: 2023-02-03 05:40:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-26501 Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). CVE project by @Sn0wAlice Create: 2023-02-03 05:40:08 +0000 UTC Push: 2023-02-03 05:40:11 +0000 UTC |

Live-Hack-CVE/CVE-2017-12103 An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An CVE project by @Sn0wAlice Create: 2023-02-03 05:40:04 +0000 UTC Push: 2023-02-03 05:40:07 +0000 UTC |

Live-Hack-CVE/CVE-2017-12104 An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince CVE project by @Sn0wAlice Create: 2023-02-03 05:40:00 +0000 UTC Push: 2023-02-03 05:40:03 +0000 UTC |

Live-Hack-CVE/CVE-2017-12105 An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An CVE project by @Sn0wAlice Create: 2023-02-03 05:39:57 +0000 UTC Push: 2023-02-03 05:39:59 +0000 UTC |

Live-Hack-CVE/CVE-2017-12082 An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the applicati CVE project by @Sn0wAlice Create: 2023-02-03 05:39:53 +0000 UTC Push: 2023-02-03 05:39:55 +0000 UTC |

Live-Hack-CVE/CVE-2017-12086 An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can CVE project by @Sn0wAlice Create: 2023-02-03 05:39:49 +0000 UTC Push: 2023-02-03 05:39:52 +0000 UTC |