Live-Hack-CVE/CVE-2020-1771 Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions. CVE project by @Sn0wAlice Create: 2023-01-21 04:03:38 +0000 UTC Push: 2023-01-21 04:03:41 +0000 UTC |

Live-Hack-CVE/CVE-2019-18198 In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753. CVE project by @Sn0wAlice Create: 2023-01-21 04:03:33 +0000 UTC Push: 2023-01-21 04:03:36 +0000 UTC |

Live-Hack-CVE/CVE-2021-46791 Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service. CVE project by @Sn0wAlice Create: 2023-01-21 04:03:29 +0000 UTC Push: 2023-01-21 04:03:32 +0000 UTC |

Live-Hack-CVE/CVE-2017-16327 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-21 04:03:25 +0000 UTC Push: 2023-01-21 04:03:28 +0000 UTC |

Live-Hack-CVE/CVE-2017-16326 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-21 04:03:21 +0000 UTC Push: 2023-01-21 04:03:24 +0000 UTC |

Live-Hack-CVE/CVE-2019-10067 An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS. CVE project by @Sn0wAlice Create: 2023-01-21 01:55:45 +0000 UTC Push: 2023-01-21 01:55:48 +0000 UTC |

Live-Hack-CVE/CVE-2019-14464 XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. CVE project by @Sn0wAlice Create: 2023-01-21 01:55:42 +0000 UTC Push: 2023-01-21 01:55:44 +0000 UTC |

Live-Hack-CVE/CVE-2017-16331 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-21 01:55:37 +0000 UTC Push: 2023-01-21 01:55:40 +0000 UTC |

Live-Hack-CVE/CVE-2017-16330 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-21 01:55:33 +0000 UTC Push: 2023-01-21 01:55:36 +0000 UTC |

Live-Hack-CVE/CVE-2017-16329 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-21 01:55:30 +0000 UTC Push: 2023-01-21 01:55:32 +0000 UTC |

Live-Hack-CVE/CVE-2017-16328 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-21 01:55:26 +0000 UTC Push: 2023-01-21 01:55:28 +0000 UTC |

Live-Hack-CVE/CVE-2019-20043 In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass CVE project by @Sn0wAlice Create: 2023-01-21 01:55:22 +0000 UTC Push: 2023-01-21 01:55:25 +0000 UTC |

Live-Hack-CVE/CVE-2019-9892 An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OT CVE project by @Sn0wAlice Create: 2023-01-21 01:55:19 +0000 UTC Push: 2023-01-21 01:55:21 +0000 UTC |

Live-Hack-CVE/CVE-2019-12497 An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes. CVE project by @Sn0wAlice Create: 2023-01-21 01:55:15 +0000 UTC Push: 2023-01-21 01:55:17 +0000 UTC |

Live-Hack-CVE/CVE-2019-12248 An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image CVE project by @Sn0wAlice Create: 2023-01-21 01:55:10 +0000 UTC Push: 2023-01-21 01:55:13 +0000 UTC |

Live-Hack-CVE/CVE-2019-14496 LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. CVE project by @Sn0wAlice Create: 2023-01-21 01:55:07 +0000 UTC Push: 2023-01-21 01:55:09 +0000 UTC |

Live-Hack-CVE/CVE-2019-19781 An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. CVE project by @Sn0wAlice Create: 2023-01-21 01:55:02 +0000 UTC Push: 2023-01-21 01:55:05 +0000 UTC |

Live-Hack-CVE/CVE-2019-20051 A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service. CVE project by @Sn0wAlice Create: 2023-01-21 01:54:58 +0000 UTC Push: 2023-01-21 01:55:00 +0000 UTC |

Live-Hack-CVE/CVE-2019-14497 ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. CVE project by @Sn0wAlice Create: 2023-01-21 01:54:54 +0000 UTC Push: 2023-01-21 01:54:56 +0000 UTC |

Live-Hack-CVE/CVE-2019-12746 An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially a CVE project by @Sn0wAlice Create: 2023-01-21 01:54:50 +0000 UTC Push: 2023-01-21 01:54:53 +0000 UTC |