Live-Hack-CVE/CVE-2022-42435 IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force CVE project by @Sn0wAlice Create: 2023-01-04 10:16:53 +0000 UTC Push: 2023-01-04 10:16:56 +0000 UTC |

fastmo/CVE-2022-28672 CVE-2022-28672 Vulnerabilidad Foxit PDF Reader - UaF - RCE - JIT Spraying Create: 2023-01-04 09:39:04 +0000 UTC Push: 2023-01-04 09:39:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-32653 In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:38 +0000 UTC Push: 2023-01-04 08:08:41 +0000 UTC |

Live-Hack-CVE/CVE-2022-32652 In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262617; Issue ID: ALPS07262617. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:34 +0000 UTC Push: 2023-01-04 08:08:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-32651 In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225857; Issue ID: ALPS07225857. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:30 +0000 UTC Push: 2023-01-04 08:08:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-32650 In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:26 +0000 UTC Push: 2023-01-04 08:08:29 +0000 UTC |

Live-Hack-CVE/CVE-2022-32649 In jpeg, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225840; Issue ID: ALPS07225840. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:21 +0000 UTC Push: 2023-01-04 08:08:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-32648 In disp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535964; Issue ID: ALPS06535964. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:17 +0000 UTC Push: 2023-01-04 08:08:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-32647 In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:13 +0000 UTC Push: 2023-01-04 08:08:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-32646 In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:09 +0000 UTC Push: 2023-01-04 08:08:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-32645 In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:05 +0000 UTC Push: 2023-01-04 08:08:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-32644 In vow, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494473; Issue ID: ALPS07494473. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:00 +0000 UTC Push: 2023-01-04 08:08:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-32641 In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:56 +0000 UTC Push: 2023-01-04 08:07:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-32640 In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:51 +0000 UTC Push: 2023-01-04 08:07:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-32639 In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:47 +0000 UTC Push: 2023-01-04 08:07:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-32638 In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:42 +0000 UTC Push: 2023-01-04 08:07:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-32637 In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:37 +0000 UTC Push: 2023-01-04 08:07:40 +0000 UTC |

Live-Hack-CVE/CVE-2022-32636 In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:33 +0000 UTC Push: 2023-01-04 08:07:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-32635 In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:29 +0000 UTC Push: 2023-01-04 08:07:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-32623 In mdp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342114; Issue ID: ALPS07342114. CVE project by @Sn0wAlice Create: 2023-01-04 08:07:24 +0000 UTC Push: 2023-01-04 08:07:27 +0000 UTC |