Live-Hack-CVE/CVE-2023-22236 Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-02-18 07:22:32 +0000 UTC Push: 2023-02-18 07:22:34 +0000 UTC |

Live-Hack-CVE/CVE-2022-48115 The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting (XSS). CVE project by @Sn0wAlice Create: 2023-02-18 07:22:29 +0000 UTC Push: 2023-02-18 07:22:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-22234 Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-02-18 07:22:25 +0000 UTC Push: 2023-02-18 07:22:28 +0000 UTC |

Live-Hack-CVE/CVE-2021-26277 The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. CVE project by @Sn0wAlice Create: 2023-02-18 07:22:22 +0000 UTC Push: 2023-02-18 07:22:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-22233 After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim m CVE project by @Sn0wAlice Create: 2023-02-18 07:22:18 +0000 UTC Push: 2023-02-18 07:22:20 +0000 UTC |

Live-Hack-CVE/CVE-2023-22231 Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a vict CVE project by @Sn0wAlice Create: 2023-02-18 07:22:15 +0000 UTC Push: 2023-02-18 07:22:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-22229 Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-02-18 07:22:12 +0000 UTC Push: 2023-02-18 07:22:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-22228 Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-02-18 07:22:08 +0000 UTC Push: 2023-02-18 07:22:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-21578 Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must o CVE project by @Sn0wAlice Create: 2023-02-18 07:22:05 +0000 UTC Push: 2023-02-18 07:22:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-40021 QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a command injection vulnerability. CVE project by @Sn0wAlice Create: 2023-02-18 07:22:01 +0000 UTC Push: 2023-02-18 07:22:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-21939 Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:37 +0000 UTC Push: 2023-02-18 06:13:39 +0000 UTC |

Live-Hack-CVE/CVE-2023-24960 IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333 CVE project by @Sn0wAlice Create: 2023-02-18 06:13:34 +0000 UTC Push: 2023-02-18 06:13:36 +0000 UTC |

Live-Hack-CVE/CVE-2023-23279 Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:30 +0000 UTC Push: 2023-02-18 06:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-43579 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted CVE project by @Sn0wAlice Create: 2023-02-18 06:13:27 +0000 UTC Push: 2023-02-18 06:13:29 +0000 UTC |

Live-Hack-CVE/CVE-2022-40231 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:23 +0000 UTC Push: 2023-02-18 06:13:25 +0000 UTC |

Live-Hack-CVE/CVE-2022-34351 IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:20 +0000 UTC Push: 2023-02-18 06:13:22 +0000 UTC |

Live-Hack-CVE/CVE-2022-33934 Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:15 +0000 UTC Push: 2023-02-18 06:13:18 +0000 UTC |

Live-Hack-CVE/CVE-2021-34250 ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2021-33396. Reason: This record is a duplicate of CVE-2021-33396. Notes: All CVE users should reference CVE-2021-33396 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:12 +0000 UTC Push: 2023-02-18 06:13:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-34376 Dell PowerEdge BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:07 +0000 UTC Push: 2023-02-18 06:13:09 +0000 UTC |

Live-Hack-CVE/CVE-2023-24809 NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared syst CVE project by @Sn0wAlice Create: 2023-02-18 06:13:03 +0000 UTC Push: 2023-02-18 06:13:06 +0000 UTC |