Live-Hack-CVE/CVE-2023-21771 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:49 +0000 UTC Push: 2023-01-19 00:16:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-21946 A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:45 +0000 UTC Push: 2023-01-19 00:16:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-45165 An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this service to be prone to SQL injection. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:40 +0000 UTC Push: 2023-01-19 00:16:43 +0000 UTC |

Live-Hack-CVE/CVE-2021-4200 A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:35 +0000 UTC Push: 2023-01-19 00:16:38 +0000 UTC |

Live-Hack-CVE/CVE-2023-21732 Microsoft ODBC Driver Remote Code Execution Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:30 +0000 UTC Push: 2023-01-19 00:16:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21733 Windows Bind Filter Driver Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:26 +0000 UTC Push: 2023-01-19 00:16:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-21728 Windows Netlogon Denial of Service Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 00:16:21 +0000 UTC Push: 2023-01-19 00:16:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0214 A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the resp CVE project by @Sn0wAlice Create: 2023-01-18 22:02:51 +0000 UTC Push: 2023-01-18 22:02:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-34457 Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical severity vulnerability as it allows non-admin to modify the files inside installed directory and able to make applicatio CVE project by @Sn0wAlice Create: 2023-01-18 22:02:46 +0000 UTC Push: 2023-01-18 22:02:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-34436 Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. CVE project by @Sn0wAlice Create: 2023-01-18 22:02:41 +0000 UTC Push: 2023-01-18 22:02:44 +0000 UTC |

Live-Hack-CVE/CVE-2022-34435 Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. CVE project by @Sn0wAlice Create: 2023-01-18 22:02:37 +0000 UTC Push: 2023-01-18 22:02:40 +0000 UTC |

Live-Hack-CVE/CVE-2022-34399 Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 22:02:32 +0000 UTC Push: 2023-01-18 22:02:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-34460 Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:29 +0000 UTC Push: 2023-01-18 19:52:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-34456 Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:25 +0000 UTC Push: 2023-01-18 19:52:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-34401 Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:21 +0000 UTC Push: 2023-01-18 19:52:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-34393 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:17 +0000 UTC Push: 2023-01-18 19:52:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-32490 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:12 +0000 UTC Push: 2023-01-18 19:52:15 +0000 UTC |

Live-Hack-CVE/CVE-2010-10007 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in lierdakil click-reminder. It has been rated as critical. This issue affects the function db_query of the file src/backend/include/BaseAction.php. The manipulation leads to sql injection. The name of the patch is 41213b660e8eb01 CVE project by @Sn0wAlice Create: 2023-01-18 19:52:08 +0000 UTC Push: 2023-01-18 19:52:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-34462 Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges. CVE project by @Sn0wAlice Create: 2023-01-18 19:52:03 +0000 UTC Push: 2023-01-18 19:52:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-34442 Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges. CVE project by @Sn0wAlice Create: 2023-01-18 19:51:59 +0000 UTC Push: 2023-01-18 19:52:02 +0000 UTC |