Live-Hack-CVE/CVE-2021-4200 A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:35 +0000 UTC Push: 2023-01-19 00:16:38 +0000 UTC |

Live-Hack-CVE/CVE-2023-21732 Microsoft ODBC Driver Remote Code Execution Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:30 +0000 UTC Push: 2023-01-19 00:16:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21733 Windows Bind Filter Driver Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:26 +0000 UTC Push: 2023-01-19 00:16:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-21728 Windows Netlogon Denial of Service Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:21 +0000 UTC Push: 2023-01-19 00:16:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0214 A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the resp CVE project by @Sn0wAlice Create: 2023-01-18 22:02:51 +0000 UTC Push: 2023-01-18 22:02:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-34457 Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical severity vulnerability as it allows non-admin to modify the files inside installed directory and able to make applicatio CVE project by @Sn0wAlice Create: 2023-01-18 22:02:46 +0000 UTC Push: 2023-01-18 22:02:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-34436 Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. CVE project by @Sn0wAlice Create: 2023-01-18 22:02:41 +0000 UTC Push: 2023-01-18 22:02:44 +0000 UTC |

Live-Hack-CVE/CVE-2022-34435 Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. CVE project by @Sn0wAlice Create: 2023-01-18 22:02:37 +0000 UTC Push: 2023-01-18 22:02:40 +0000 UTC |

Live-Hack-CVE/CVE-2022-34399 Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 22:02:32 +0000 UTC Push: 2023-01-18 22:02:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-34460 Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:29 +0000 UTC Push: 2023-01-18 19:52:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-34456 Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:25 +0000 UTC Push: 2023-01-18 19:52:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-34401 Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:21 +0000 UTC Push: 2023-01-18 19:52:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-34393 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:17 +0000 UTC Push: 2023-01-18 19:52:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-32490 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:12 +0000 UTC Push: 2023-01-18 19:52:15 +0000 UTC |

Live-Hack-CVE/CVE-2010-10007 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in lierdakil click-reminder. It has been rated as critical. This issue affects the function db_query of the file src/backend/include/BaseAction.php. The manipulation leads to sql injection. The name of the patch is 41213b660e8eb01 CVE project by @Sn0wAlice Create: 2023-01-18 19:52:08 +0000 UTC Push: 2023-01-18 19:52:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-34462 Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:03 +0000 UTC Push: 2023-01-18 19:52:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-34442 Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges. CVE project by @Sn0wAlice Create: 2023-01-18 19:51:59 +0000 UTC Push: 2023-01-18 19:52:02 +0000 UTC |

Live-Hack-CVE/CVE-2020-36654 A vulnerability classified as problematic has been found in GENI Portal. This affects the function no_invocation_id_error of the file portal/www/portal/sliceresource.php. The manipulation of the argument invocation_id/invocation_user leads to cross site scripting. It is possible to initiate the attack remotely. The nam CVE project by @Sn0wAlice Create: 2023-01-18 19:51:54 +0000 UTC Push: 2023-01-18 19:51:57 +0000 UTC |

Live-Hack-CVE/CVE-2020-36653 A vulnerability was found in GENI Portal. It has been rated as problematic. Affected by this issue is some unknown functionality of the file portal/www/portal/error-text.php. The manipulation of the argument error leads to cross site scripting. The attack may be launched remotely. The name of the patch is c2356cc412605 CVE project by @Sn0wAlice Create: 2023-01-18 19:51:50 +0000 UTC Push: 2023-01-18 19:51:53 +0000 UTC |

Live-Hack-CVE/CVE-2015-10068 A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the argument movieId/username leads to sql injection. The name of the patch is c3085e01936a4d7eff1eda3093f25d56cc4d2ec5. It CVE project by @Sn0wAlice Create: 2023-01-18 19:51:46 +0000 UTC Push: 2023-01-18 19:51:49 +0000 UTC |