Live-Hack-CVE/CVE-2016-6926 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice Create: 2023-01-19 14:38:00 +0000 UTC Push: 2023-01-19 14:38:03 +0000 UTC |

Live-Hack-CVE/CVE-2016-6927 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice Create: 2023-01-19 14:37:56 +0000 UTC Push: 2023-01-19 14:37:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-27223 In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. CVE project by @Sn0wAlice Create: 2023-01-19 14:37:51 +0000 UTC Push: 2023-01-19 14:37:54 +0000 UTC |

Live-Hack-CVE/CVE-2021-40052 There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability. CVE project by @Sn0wAlice Create: 2023-01-19 14:37:45 +0000 UTC Push: 2023-01-19 14:37:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-0544 An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. CVE project by @Sn0wAlice Create: 2023-01-19 14:37:40 +0000 UTC Push: 2023-01-19 14:37:42 +0000 UTC |

SpiralBL0CK/CVE-2022-37332-RCE- CURRENTLY UNDER WORK... ALL I NEED TO IMPLEMENT IS JIT SPRAYING ..... Create: 2023-01-19 10:41:54 +0000 UTC Push: 2023-01-19 10:41:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-43393 An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:58 +0000 UTC Push: 2023-01-19 10:10:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-43391 A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:52 +0000 UTC Push: 2023-01-19 10:09:55 +0000 UTC |

Live-Hack-CVE/CVE-2023-0242 Rapid7 Velociraptor allows users to be created with different privileges on the server. Administrators are generally allowed to run any command on the server including writing arbitrary files. However, lower privilege users are generally forbidden from writing or modifying files on the server. The VQL copy() function a CVE project by @Sn0wAlice Create: 2023-01-19 10:09:43 +0000 UTC Push: 2023-01-19 10:09:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-45928 A remote OScript execution issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). Multiple endpoints allow the user to pass the parameter htmlFile, which is included in the HTML output rendering pipeline of a request. Because the Content Server evaluates and executes Oscript code in HTML files, it CVE project by @Sn0wAlice Create: 2023-01-19 10:09:39 +0000 UTC Push: 2023-01-19 10:09:42 +0000 UTC |

Live-Hack-CVE/CVE-2022-45926 An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:35 +0000 UTC Push: 2023-01-19 10:09:38 +0000 UTC |

Live-Hack-CVE/CVE-2022-45925 An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The action xmlexport accepts the parameter requestContext. If this parameter is present, the response includes most of the HTTP headers sent to the server and some of the CGI variables like remote_adde and server_name, which is an informati CVE project by @Sn0wAlice Create: 2023-01-19 10:09:31 +0000 UTC Push: 2023-01-19 10:09:33 +0000 UTC |

Live-Hack-CVE/CVE-2022-45924 An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint itemtemplate.createtemplate2 allows a low-privilege user to delete arbitrary files on the server's local filesystem. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:27 +0000 UTC Push: 2023-01-19 10:09:29 +0000 UTC |

Live-Hack-CVE/CVE-2022-45922 An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even when the Web Admin password was not entered. This allows access to endpoints, which require a valid AdminPwd cookie, without knowing the password. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:23 +0000 UTC Push: 2023-01-19 10:09:26 +0000 UTC |

Live-Hack-CVE/CVE-2021-43113 iTextPDF in iText 7 and up to 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:17 +0000 UTC Push: 2023-01-19 10:09:20 +0000 UTC |

Live-Hack-CVE/CVE-2023-22809 In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 CVE project by @Sn0wAlice Create: 2023-01-19 10:09:12 +0000 UTC Push: 2023-01-19 10:09:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-3085 Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to a stack-based buffer overflow which may allow an attacker to execute arbitrary code. CVE project by @Sn0wAlice Create: 2023-01-19 10:09:08 +0000 UTC Push: 2023-01-19 10:09:11 +0000 UTC |

Live-Hack-CVE/CVE-2017-16274 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-19 10:09:03 +0000 UTC Push: 2023-01-19 10:09:06 +0000 UTC |

Live-Hack-CVE/CVE-2010-10009 A vulnerability was found in frioux ptome. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is 26829bba67858ca0bd4ce49ad50e7ce653914276. It is recommended to apply a patch to fix this issue. The associated identifier of this vulner CVE project by @Sn0wAlice Create: 2023-01-19 07:58:41 +0000 UTC Push: 2023-01-19 07:58:43 +0000 UTC |

Live-Hack-CVE/CVE-2023-21776 Windows Kernel Information Disclosure Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 07:58:37 +0000 UTC Push: 2023-01-19 07:58:40 +0000 UTC |