Live-Hack-CVE/CVE-2023-22501 An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances_._ With write access to a User Directory and outgoing email enabled on a Jira Service Ma CVE project by @Sn0wAlice Create: 2023-02-02 05:28:54 +0000 UTC Push: 2023-02-02 05:28:56 +0000 UTC |

Live-Hack-CVE/CVE-2019-19648 In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:50 +0000 UTC Push: 2023-02-02 05:28:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-24170 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/fromSetWirelessRepeat. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:47 +0000 UTC Push: 2023-02-02 05:28:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-47073 A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:43 +0000 UTC Push: 2023-02-02 05:28:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-24167 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/add_white_node. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:40 +0000 UTC Push: 2023-02-02 05:28:42 +0000 UTC |

Live-Hack-CVE/CVE-2023-24169 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:36 +0000 UTC Push: 2023-02-02 05:28:38 +0000 UTC |

Live-Hack-CVE/CVE-2019-9904 An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\cgraph\graph.c in libcgraph.a, related to agfstsubg in lib\cgraph\subg.c. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:32 +0000 UTC Push: 2023-02-02 05:28:35 +0000 UTC |

Live-Hack-CVE/CVE-2019-14465 fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:29 +0000 UTC Push: 2023-02-02 05:28:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-24166 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/formWifiBasicSet. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:25 +0000 UTC Push: 2023-02-02 05:28:28 +0000 UTC |

Live-Hack-CVE/CVE-2019-4716 IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:22 +0000 UTC Push: 2023-02-02 05:28:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-27507 Authenticated denial of service CVE project by @Sn0wAlice Create: 2023-02-02 05:28:18 +0000 UTC Push: 2023-02-02 05:28:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-27508 Unauthenticated denial of service CVE project by @Sn0wAlice Create: 2023-02-02 05:28:14 +0000 UTC Push: 2023-02-02 05:28:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-24165 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:10 +0000 UTC Push: 2023-02-02 05:28:13 +0000 UTC |

Live-Hack-CVE/CVE-2023-24164 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:07 +0000 UTC Push: 2023-02-02 05:28:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-43864 IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:03 +0000 UTC Push: 2023-02-02 05:28:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-40036 An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component. CVE project by @Sn0wAlice Create: 2023-02-02 05:28:00 +0000 UTC Push: 2023-02-02 05:28:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-43917 IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045. CVE project by @Sn0wAlice Create: 2023-02-02 05:27:56 +0000 UTC Push: 2023-02-02 05:27:58 +0000 UTC |

Live-Hack-CVE/CVE-2022-40035 File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component. CVE project by @Sn0wAlice Create: 2023-02-02 05:27:52 +0000 UTC Push: 2023-02-02 05:27:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-41941 GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may store malicious code in help links. This issue is patched in 10.0.6. CVE project by @Sn0wAlice Create: 2023-02-02 05:27:49 +0000 UTC Push: 2023-02-02 05:27:51 +0000 UTC |

Live-Hack-CVE/CVE-2023-22500 GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6 are vulnerable to Incorrect Authorization. This vulnerability allow unauthorized access to inventory files. Thus, if anonymous access to FAQ is allowed, inventory files are accessbile by unauthenticated users. This issue CVE project by @Sn0wAlice Create: 2023-02-02 05:27:45 +0000 UTC Push: 2023-02-02 05:27:48 +0000 UTC |