Live-Hack-CVE/CVE-2022-38725 An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. CVE project by @Sn0wAlice Create: 2023-01-24 01:23:01 +0000 UTC Push: 2023-01-24 01:23:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-46472 Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /hss/classes/Users.php?f=delete. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:51 +0000 UTC Push: 2023-01-24 01:22:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-46371 Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message contains the default administrator user name. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:47 +0000 UTC Push: 2023-01-24 01:22:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-22597 InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could interce CVE project by @Sn0wAlice Create: 2023-01-24 01:22:44 +0000 UTC Push: 2023-01-24 01:22:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-25027 The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to bypass authentication and access restricted pages by validating the user's session token when the "Password forgotten?" button is clicked. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:38 +0000 UTC Push: 2023-01-24 01:22:41 +0000 UTC |

Live-Hack-CVE/CVE-2017-16299 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:35 +0000 UTC Push: 2023-01-24 01:22:37 +0000 UTC |

Live-Hack-CVE/CVE-2017-16297 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:31 +0000 UTC Push: 2023-01-24 01:22:33 +0000 UTC |

Live-Hack-CVE/CVE-2017-16298 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:26 +0000 UTC Push: 2023-01-24 01:22:29 +0000 UTC |

Live-Hack-CVE/CVE-2017-16296 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:21 +0000 UTC Push: 2023-01-24 01:22:25 +0000 UTC |

Live-Hack-CVE/CVE-2017-16295 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:18 +0000 UTC Push: 2023-01-24 01:22:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-46372 Alotcer - AR7088H-A firmware version 16.10.3 Command execution Improper validation of unspecified input field may allow Authenticated command execution. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:14 +0000 UTC Push: 2023-01-24 01:22:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-0440 Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository healthchecks/healthchecks prior to v2.6. CVE project by @Sn0wAlice Create: 2023-01-24 00:16:46 +0000 UTC Push: 2023-01-24 00:16:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-0438 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-01-24 00:16:42 +0000 UTC Push: 2023-01-24 00:16:44 +0000 UTC |

vonahisec/CVE-2022-47966-Scan Create: 2023-01-23 23:49:10 +0000 UTC Push: 2023-01-24 23:50:57 +0000 UTC |

Live-Hack-CVE/CVE-2017-16322 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-23 22:02:59 +0000 UTC Push: 2023-01-23 22:03:02 +0000 UTC |

walnutsecurity/cve-2022-36804 A critical command injection vulnerability was found in multiple API endpoints of the Atlassian Bit bucket Server and Data center. This vulnerability affects all versions of Bitbucket Server and Data Center released before versions <7.6.17, <7.17.10, <7.21.4, <8.0.3, <8.1.2, <8.2.2, and <8.3.1 Create: 2023-01-23 20:51:09 +0000 UTC Push: 2023-01-23 20:51:09 +0000 UTC |

Live-Hack-CVE/CVE-2023-24069 Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker can still recover the fil CVE project by @Sn0wAlice Create: 2023-01-23 19:52:47 +0000 UTC Push: 2023-01-23 19:52:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-24068 Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into pre-existing attachments or CVE project by @Sn0wAlice Create: 2023-01-23 19:52:43 +0000 UTC Push: 2023-01-23 19:52:45 +0000 UTC |

ACE-Responder/CVE-2022-47966_checker Run on your ManageEngine server Create: 2023-01-23 19:33:29 +0000 UTC Push: 2023-01-23 19:33:29 +0000 UTC |

Inplex-sys/CVE-2022-47966 Create: 2023-01-23 18:45:23 +0000 UTC Push: 2023-01-23 18:45:43 +0000 UTC |