Live-Hack-CVE/CVE-2023-22397 An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain sp CVE project by @Sn0wAlice Create: 2023-01-13 09:45:15 +0000 UTC Push: 2023-01-13 09:45:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-22395 A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In an MPLS scenario specific packets destined to an Integrated Routing and Bridging (irb) interface of the device will cause a bu CVE project by @Sn0wAlice Create: 2023-01-13 09:45:10 +0000 UTC Push: 2023-01-13 09:45:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-41778 Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-DataCollect service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization. CVE project by @Sn0wAlice Create: 2023-01-13 09:45:06 +0000 UTC Push: 2023-01-13 09:45:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-25715 Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields CVE project by @Sn0wAlice Create: 2023-01-13 09:45:02 +0000 UTC Push: 2023-01-13 09:45:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-33299 Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data. CVE project by @Sn0wAlice Create: 2023-01-13 07:34:05 +0000 UTC Push: 2023-01-13 07:34:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-22477 Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to `/graphql`. This issue was patched in #940. As a workaround, users can disable subscriptions. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:58 +0000 UTC Push: 2023-01-13 07:34:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-33290 Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:53 +0000 UTC Push: 2023-01-13 07:33:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-33286 Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:47 +0000 UTC Push: 2023-01-13 07:33:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-0258 A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Category List Handler. The manipulation of the argument Reason with the input "><script>prompt(1)</script> leads to cross site scripting. T CVE project by @Sn0wAlice Create: 2023-01-13 07:33:42 +0000 UTC Push: 2023-01-13 07:33:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-0257 A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image with the input <?php system($_GET['c']); CVE project by @Sn0wAlice Create: 2023-01-13 07:33:38 +0000 UTC Push: 2023-01-13 07:33:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-0256 A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /fos/admin/ajax.php?action=login of the component Login Page. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack CVE project by @Sn0wAlice Create: 2023-01-13 07:33:33 +0000 UTC Push: 2023-01-13 07:33:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-47102 A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:28 +0000 UTC Push: 2023-01-13 07:33:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-46623 Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the username parameter. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:24 +0000 UTC Push: 2023-01-13 07:33:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-46622 A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:19 +0000 UTC Push: 2023-01-13 07:33:22 +0000 UTC |

Live-Hack-CVE/CVE-2022-45729 A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:15 +0000 UTC Push: 2023-01-13 07:33:18 +0000 UTC |

Live-Hack-CVE/CVE-2022-45728 Doctor Appointment Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:11 +0000 UTC Push: 2023-01-13 07:33:14 +0000 UTC |

Live-Hack-CVE/CVE-2017-5242 Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:06 +0000 UTC Push: 2023-01-13 07:33:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-33283 Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. CVE project by @Sn0wAlice Create: 2023-01-13 07:32:57 +0000 UTC Push: 2023-01-13 07:33:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-33284 Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. CVE project by @Sn0wAlice Create: 2023-01-13 07:32:53 +0000 UTC Push: 2023-01-13 07:32:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-22488 Flarum is a forum software for building communities. Using the notifications feature, one can read restricted/private content and bypass access checks that would be in place for such content. The notification-sending component does not check that the subject of the notification can be seen by the receiver, and proceeds CVE project by @Sn0wAlice Create: 2023-01-13 05:21:25 +0000 UTC Push: 2023-01-13 05:21:27 +0000 UTC |