Live-Hack-CVE/CVE-2023-23475 IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245423. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:28 +0000 UTC Push: 2023-02-09 23:15:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-0690 HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being store CVE project by @Sn0wAlice Create: 2023-02-09 23:15:25 +0000 UTC Push: 2023-02-09 23:15:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-45755 Cross-site scripting (XSS) vulnerability in EyouCMS v1.6.0 allows attackers to execute arbitrary code via the home page description on the basic information page. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:20 +0000 UTC Push: 2023-02-09 23:15:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-45527 File upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows unauthorized attackers to directly upload malicious files to the courseimg directory. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:16 +0000 UTC Push: 2023-02-09 23:15:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-34362 IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 230523. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:13 +0000 UTC Push: 2023-02-09 23:15:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-45526 SQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:09 +0000 UTC Push: 2023-02-09 23:15:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-42438 IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:05 +0000 UTC Push: 2023-02-09 23:15:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-35720 IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373. CVE project by @Sn0wAlice Create: 2023-02-09 23:15:01 +0000 UTC Push: 2023-02-09 23:15:04 +0000 UTC |

Live-Hack-CVE/CVE-2023-0760 Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. CVE project by @Sn0wAlice Create: 2023-02-09 23:14:46 +0000 UTC Push: 2023-02-09 23:14:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-0759 Privilege Chaining in GitHub repository cockpit-hq/cockpit prior to 2.3.8. CVE project by @Sn0wAlice Create: 2023-02-09 23:14:42 +0000 UTC Push: 2023-02-09 23:14:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-0758 A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclo CVE project by @Sn0wAlice Create: 2023-02-09 22:09:29 +0000 UTC Push: 2023-02-09 22:09:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-43440 Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable CVE project by @Sn0wAlice Create: 2023-02-09 19:55:40 +0000 UTC Push: 2023-02-09 19:55:42 +0000 UTC |

Bhathiya404/Exploiting-Stagefright-Vulnerability-CVE-2015-3864 Create: 2023-02-09 19:08:10 +0000 UTC Push: 2023-02-09 19:08:11 +0000 UTC |

ohnonoyesyes/CVE-2023-25194 Create: 2023-02-09 18:49:46 +0000 UTC Push: 2023-02-09 18:49:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-22965 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to th CVE project by @Sn0wAlice Create: 2023-02-09 14:32:58 +0000 UTC Push: 2023-02-09 14:33:01 +0000 UTC |

Live-Hack-CVE/CVE-2018-3982 An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an out-of-bounds index whi CVE project by @Sn0wAlice Create: 2023-02-09 14:32:54 +0000 UTC Push: 2023-02-09 14:32:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-27904 Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:51 +0000 UTC Push: 2023-02-09 14:32:53 +0000 UTC |

Live-Hack-CVE/CVE-2020-27068 Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel CVE project by @Sn0wAlice Create: 2023-02-09 14:32:47 +0000 UTC Push: 2023-02-09 14:32:50 +0000 UTC |

Live-Hack-CVE/CVE-2019-13626 SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:44 +0000 UTC Push: 2023-02-09 14:32:46 +0000 UTC |

Live-Hack-CVE/CVE-2019-13616 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. CVE project by @Sn0wAlice Create: 2023-02-09 14:32:40 +0000 UTC Push: 2023-02-09 14:32:43 +0000 UTC |