Live-Hack-CVE/CVE-2023-21680 Windows Win32k Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-18 05:25:53 +0000 UTC Push: 2023-01-18 05:25:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-21681 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-18 05:25:48 +0000 UTC Push: 2023-01-18 05:25:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-0614 Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. CVE project by @Sn0wAlice Create: 2023-01-18 05:25:43 +0000 UTC Push: 2023-01-18 05:25:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-1201 NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system. CVE project by @Sn0wAlice Create: 2023-01-18 05:25:39 +0000 UTC Push: 2023-01-18 05:25:42 +0000 UTC |

Live-Hack-CVE/CVE-2022-1427 Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited. CVE project by @Sn0wAlice Create: 2023-01-18 05:25:34 +0000 UTC Push: 2023-01-18 05:25:38 +0000 UTC |

bryanster/ioc-cve-2022-42475 Create: 2023-01-18 04:11:04 +0000 UTC Push: 2023-01-18 04:11:06 +0000 UTC |

dolby360/CVE-2022-27518_POC A POC on how to exploit CVE-2022-27518 Create: 2023-01-18 03:40:04 +0000 UTC Push: 2023-01-18 03:40:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-21555 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21556, CVE-2023-21679. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:39 +0000 UTC Push: 2023-01-18 03:15:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-4121 In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:21 +0000 UTC Push: 2023-01-18 03:15:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-41861 A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:16 +0000 UTC Push: 2023-01-18 03:15:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-41860 In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:12 +0000 UTC Push: 2023-01-18 03:15:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-41859 In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:08 +0000 UTC Push: 2023-01-18 03:15:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-41858 A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:03 +0000 UTC Push: 2023-01-18 03:15:06 +0000 UTC |

Live-Hack-CVE/CVE-2018-14628 An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:59 +0000 UTC Push: 2023-01-18 03:15:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-0158 NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to crash. If the built-in CVE project by @Sn0wAlice Create: 2023-01-18 03:14:54 +0000 UTC Push: 2023-01-18 03:14:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4621 Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:50 +0000 UTC Push: 2023-01-18 03:14:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-3091 RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:46 +0000 UTC Push: 2023-01-18 03:14:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-2893 RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:41 +0000 UTC Push: 2023-01-18 03:14:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-0338 Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice Create: 2023-01-18 02:06:46 +0000 UTC Push: 2023-01-18 02:06:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-0337 Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice Create: 2023-01-18 02:06:42 +0000 UTC Push: 2023-01-18 02:06:45 +0000 UTC |