Live-Hack-CVE/CVE-2021-37317 Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations. CVE project by @Sn0wAlice Create: 2023-02-13 23:54:36 +0000 UTC Push: 2023-02-13 23:54:38 +0000 UTC |

Live-Hack-CVE/CVE-2020-36661 A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The name of the CVE project by @Sn0wAlice Create: 2023-02-13 21:42:38 +0000 UTC Push: 2023-02-13 21:42:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-22367 Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. CVE project by @Sn0wAlice Create: 2023-02-13 21:42:31 +0000 UTC Push: 2023-02-13 21:42:34 +0000 UTC |

Live-Hack-CVE/CVE-2023-22362 SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUS CVE project by @Sn0wAlice Create: 2023-02-13 21:42:28 +0000 UTC Push: 2023-02-13 21:42:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-22360 Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. CVE project by @Sn0wAlice Create: 2023-02-13 21:42:23 +0000 UTC Push: 2023-02-13 21:42:26 +0000 UTC |

Live-Hack-CVE/CVE-2023-22353 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbit CVE project by @Sn0wAlice Create: 2023-02-13 21:42:19 +0000 UTC Push: 2023-02-13 21:42:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-22350 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitra CVE project by @Sn0wAlice Create: 2023-02-13 21:42:15 +0000 UTC Push: 2023-02-13 21:42:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-22349 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitr CVE project by @Sn0wAlice Create: 2023-02-13 21:42:11 +0000 UTC Push: 2023-02-13 21:42:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-22347 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary CVE project by @Sn0wAlice Create: 2023-02-13 21:42:07 +0000 UTC Push: 2023-02-13 21:42:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-22346 Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code CVE project by @Sn0wAlice Create: 2023-02-13 21:42:04 +0000 UTC Push: 2023-02-13 21:42:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-22345 Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary CVE project by @Sn0wAlice Create: 2023-02-13 21:42:00 +0000 UTC Push: 2023-02-13 21:42:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-43460 Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted. CVE project by @Sn0wAlice Create: 2023-02-13 21:41:56 +0000 UTC Push: 2023-02-13 21:41:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-0808 A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It is possible to lau CVE project by @Sn0wAlice Create: 2023-02-13 21:41:46 +0000 UTC Push: 2023-02-13 21:41:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-25727 In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:33 +0000 UTC Push: 2023-02-13 20:31:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-24572 Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:29 +0000 UTC Push: 2023-02-13 20:31:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-23697 Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:26 +0000 UTC Push: 2023-02-13 20:31:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-45455 Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:22 +0000 UTC Push: 2023-02-13 20:31:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-45454 Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:18 +0000 UTC Push: 2023-02-13 20:31:21 +0000 UTC |

Live-Hack-CVE/CVE-2022-34397 Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized. CVE project by @Sn0wAlice Create: 2023-02-13 20:31:15 +0000 UTC Push: 2023-02-13 20:31:17 +0000 UTC |

cvedb/CVE-2020-2551 Create: 2023-02-13 17:41:22 +0000 UTC Push: 2023-02-13 17:42:01 +0000 UTC |