Live-Hack-CVE/CVE-2022-4636 Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion. CVE project by @Sn0wAlice Create: 2023-01-11 05:58:34 +0000 UTC Push: 2023-01-11 05:58:37 +0000 UTC |

Live-Hack-CVE/CVE-2022-45614 An issue in the /index.php/user/edit_user/ component of Book Store Management System v1.0 allows unauthenticated attackers to retrieve the password hashes of all existing user accounts via a crafted request. CVE project by @Sn0wAlice Create: 2023-01-11 05:58:30 +0000 UTC Push: 2023-01-11 05:58:33 +0000 UTC |

Live-Hack-CVE/CVE-2022-31054 Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to CVE project by @Sn0wAlice Create: 2023-01-11 05:58:19 +0000 UTC Push: 2023-01-11 05:58:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-4780 ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change. CVE project by @Sn0wAlice Create: 2023-01-11 03:49:06 +0000 UTC Push: 2023-01-11 03:49:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-44441 In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice Create: 2023-01-11 03:49:00 +0000 UTC Push: 2023-01-11 03:49:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-44442 In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice Create: 2023-01-11 03:48:52 +0000 UTC Push: 2023-01-11 03:48:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-45875 Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions. CVE project by @Sn0wAlice Create: 2023-01-11 03:48:48 +0000 UTC Push: 2023-01-11 03:48:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-44430 In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice Create: 2023-01-11 03:48:43 +0000 UTC Push: 2023-01-11 03:48:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-44431 In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice Create: 2023-01-11 03:48:38 +0000 UTC Push: 2023-01-11 03:48:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-44432 In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice Create: 2023-01-11 03:48:33 +0000 UTC Push: 2023-01-11 03:48:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-0162 The CPO Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its content type settings parameters in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permiss CVE project by @Sn0wAlice Create: 2023-01-11 03:48:17 +0000 UTC Push: 2023-01-11 03:48:20 +0000 UTC |

patrickhener/CVE-2023-22855 Create: 2023-01-11 02:27:40 +0000 UTC Push: 2023-01-11 02:27:40 +0000 UTC |

viardant/CVE-2021-29447 CVE-2021-29447 - Authenticated XXE Injection - WordPress < 5.7.1 & PHP > 8 Create: 2023-01-11 01:55:19 +0000 UTC Push: 2023-01-11 01:55:19 +0000 UTC |

Live-Hack-CVE/CVE-2021-22600 A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 CVE project by @Sn0wAlice Create: 2023-01-11 01:35:28 +0000 UTC Push: 2023-01-11 01:35:31 +0000 UTC |

Live-Hack-CVE/CVE-2014-125073 A vulnerability was found in mapoor voteapp. It has been rated as critical. Affected by this issue is the function create_poll/do_poll/show_poll/show_refresh of the file app.py. The manipulation leads to sql injection. The name of the patch is b290c21a0d8bcdbd55db860afd3cadec97388e72. It is recommended to apply a patch CVE project by @Sn0wAlice Create: 2023-01-11 01:35:12 +0000 UTC Push: 2023-01-11 01:35:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-44439 In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice Create: 2023-01-11 01:35:06 +0000 UTC Push: 2023-01-11 01:35:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-44438 In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice Create: 2023-01-11 01:35:02 +0000 UTC Push: 2023-01-11 01:35:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-44437 In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice Create: 2023-01-11 01:34:57 +0000 UTC Push: 2023-01-11 01:35:00 +0000 UTC |

Live-Hack-CVE/CVE-2022-44436 In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice Create: 2023-01-11 01:34:52 +0000 UTC Push: 2023-01-11 01:34:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-44435 In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice Create: 2023-01-11 01:34:48 +0000 UTC Push: 2023-01-11 01:34:51 +0000 UTC |