Live-Hack-CVE/CVE-2021-33926 An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allo CVE project by @Sn0wAlice Create: 2023-02-18 04:02:09 +0000 UTC Push: 2023-02-18 04:02:11 +0000 UTC |

Live-Hack-CVE/CVE-2021-33391 An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:04 +0000 UTC Push: 2023-02-18 04:02:07 +0000 UTC |

Live-Hack-CVE/CVE-2021-32142 Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:01 +0000 UTC Push: 2023-02-18 04:02:03 +0000 UTC |

Live-Hack-CVE/CVE-2021-32441 SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:58 +0000 UTC Push: 2023-02-18 04:02:00 +0000 UTC |

Live-Hack-CVE/CVE-2021-32419 An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:53 +0000 UTC Push: 2023-02-18 04:01:55 +0000 UTC |

Live-Hack-CVE/CVE-2021-32163 Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:49 +0000 UTC Push: 2023-02-18 04:01:51 +0000 UTC |

Live-Hack-CVE/CVE-2020-19824 An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:45 +0000 UTC Push: 2023-02-18 04:01:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-45766 Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:41 +0000 UTC Push: 2023-02-18 04:01:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-0777 Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:37 +0000 UTC Push: 2023-02-18 04:01:39 +0000 UTC |

and0x00/CVE-2021-32789 ? Wordpress WooCommerce users dump exploit Create: 2023-02-18 03:51:24 +0000 UTC Push: 2023-02-18 03:51:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-24388 Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). CVE project by @Sn0wAlice Create: 2023-02-18 01:48:14 +0000 UTC Push: 2023-02-18 01:48:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-24329 An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:11 +0000 UTC Push: 2023-02-18 01:48:12 +0000 UTC |

Live-Hack-CVE/CVE-2023-23899 Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:07 +0000 UTC Push: 2023-02-18 01:48:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-45701 Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:04 +0000 UTC Push: 2023-02-18 01:48:06 +0000 UTC |

Live-Hack-CVE/CVE-2020-29168 SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:00 +0000 UTC Push: 2023-02-18 01:48:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-21431 Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:55 +0000 UTC Push: 2023-02-18 01:47:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-21433 Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:52 +0000 UTC Push: 2023-02-18 01:47:54 +0000 UTC |

Live-Hack-CVE/CVE-2023-21443 Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:49 +0000 UTC Push: 2023-02-18 01:47:51 +0000 UTC |

Live-Hack-CVE/CVE-2023-21444 Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:45 +0000 UTC Push: 2023-02-18 01:47:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-21447 Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:41 +0000 UTC Push: 2023-02-18 01:47:44 +0000 UTC |