rahulpatwari/-CVE-2023-23162 Create: 2023-01-20 19:29:54 +0000 UTC Push: 2023-01-20 19:30:35 +0000 UTC |

rahulpatwari/CVE-2023-23162 Create: 2023-01-20 19:29:54 +0000 UTC Push: 2023-01-20 19:30:35 +0000 UTC |

rahulpatwari/CVE-2023-23161 Create: 2023-01-20 19:28:30 +0000 UTC Push: 2023-01-20 19:29:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-4616 The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions. CVE project by @Sn0wAlice Create: 2023-01-20 19:18:46 +0000 UTC Push: 2023-01-20 19:18:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-39186 EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has misconfigured permissions CVE project by @Sn0wAlice Create: 2023-01-20 19:18:42 +0000 UTC Push: 2023-01-20 19:18:45 +0000 UTC |

Live-Hack-CVE/CVE-2022-3592 A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the ' CVE project by @Sn0wAlice Create: 2023-01-20 19:18:35 +0000 UTC Push: 2023-01-20 19:18:38 +0000 UTC |

Live-Hack-CVE/CVE-2023-0227 Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36. CVE project by @Sn0wAlice Create: 2023-01-20 19:18:31 +0000 UTC Push: 2023-01-20 19:18:34 +0000 UTC |

Live-Hack-CVE/CVE-2022-3437 A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small p CVE project by @Sn0wAlice Create: 2023-01-20 19:18:27 +0000 UTC Push: 2023-01-20 19:18:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-23691 Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS. CVE project by @Sn0wAlice Create: 2023-01-20 19:18:23 +0000 UTC Push: 2023-01-20 19:18:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-23596 jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to ex CVE project by @Sn0wAlice Create: 2023-01-20 19:18:19 +0000 UTC Push: 2023-01-20 19:18:21 +0000 UTC |

Live-Hack-CVE/CVE-2022-40267 Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T, CVE project by @Sn0wAlice Create: 2023-01-20 19:18:15 +0000 UTC Push: 2023-01-20 19:18:17 +0000 UTC |

Trinadh465/linux-4.1.15_CVE-2022-45934 Create: 2023-01-20 18:03:07 +0000 UTC Push: 2023-01-20 18:03:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-32036 Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb. CVE project by @Sn0wAlice Create: 2023-01-20 14:56:48 +0000 UTC Push: 2023-01-20 14:56:51 +0000 UTC |

Live-Hack-CVE/CVE-2015-4003 The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet. CVE project by @Sn0wAlice Create: 2023-01-20 14:56:43 +0000 UTC Push: 2023-01-20 14:56:47 +0000 UTC |

Live-Hack-CVE/CVE-2014-9428 The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented pa CVE project by @Sn0wAlice Create: 2023-01-20 14:56:39 +0000 UTC Push: 2023-01-20 14:56:42 +0000 UTC |

Live-Hack-CVE/CVE-2016-4153 Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice Create: 2023-01-20 14:56:34 +0000 UTC Push: 2023-01-20 14:56:37 +0000 UTC |

Live-Hack-CVE/CVE-2016-1033 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-102 CVE project by @Sn0wAlice Create: 2023-01-20 14:56:30 +0000 UTC Push: 2023-01-20 14:56:33 +0000 UTC |

Live-Hack-CVE/CVE-2016-4154 Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice Create: 2023-01-20 14:56:27 +0000 UTC Push: 2023-01-20 14:56:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-22373 Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information. CVE project by @Sn0wAlice Create: 2023-01-20 14:56:22 +0000 UTC Push: 2023-01-20 14:56:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-22339 Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product. CVE project by @Sn0wAlice Create: 2023-01-20 14:56:18 +0000 UTC Push: 2023-01-20 14:56:21 +0000 UTC |