Live-Hack-CVE/CVE-2020-10765 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:06 +0000 UTC Push: 2023-01-20 03:51:08 +0000 UTC |

Live-Hack-CVE/CVE-2020-10764 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:02 +0000 UTC Push: 2023-01-20 03:51:04 +0000 UTC |

Live-Hack-CVE/CVE-2020-10694 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:50:58 +0000 UTC Push: 2023-01-20 03:51:01 +0000 UTC |

Live-Hack-CVE/CVE-2020-10692 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:50:54 +0000 UTC Push: 2023-01-20 03:50:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. CVE project by @Sn0wAlice Create: 2023-01-20 03:50:50 +0000 UTC Push: 2023-01-20 03:50:53 +0000 UTC |

Live-Hack-CVE/CVE-2018-20961 In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. CVE project by @Sn0wAlice Create: 2023-01-20 01:40:41 +0000 UTC Push: 2023-01-20 01:40:44 +0000 UTC |

Live-Hack-CVE/CVE-2019-15504 drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). CVE project by @Sn0wAlice Create: 2023-01-20 01:40:36 +0000 UTC Push: 2023-01-20 01:40:40 +0000 UTC |

Live-Hack-CVE/CVE-2014-2523 net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error f CVE project by @Sn0wAlice Create: 2023-01-20 01:40:32 +0000 UTC Push: 2023-01-20 01:40:35 +0000 UTC |

Live-Hack-CVE/CVE-2006-7204 The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents. CVE project by @Sn0wAlice Create: 2023-01-20 01:40:24 +0000 UTC Push: 2023-01-20 01:40:26 +0000 UTC |

Live-Hack-CVE/CVE-2017-18017 The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. CVE project by @Sn0wAlice Create: 2023-01-20 01:40:20 +0000 UTC Push: 2023-01-20 01:40:22 +0000 UTC |

Live-Hack-CVE/CVE-2017-17806 The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel CVE project by @Sn0wAlice Create: 2023-01-20 01:40:16 +0000 UTC Push: 2023-01-20 01:40:19 +0000 UTC |

Live-Hack-CVE/CVE-2017-17853 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations. CVE project by @Sn0wAlice Create: 2023-01-20 01:40:12 +0000 UTC Push: 2023-01-20 01:40:15 +0000 UTC |

Live-Hack-CVE/CVE-2015-8787 The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a relate CVE project by @Sn0wAlice Create: 2023-01-20 01:40:08 +0000 UTC Push: 2023-01-20 01:40:10 +0000 UTC |

Live-Hack-CVE/CVE-2010-3709 The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. CVE project by @Sn0wAlice Create: 2023-01-20 01:40:03 +0000 UTC Push: 2023-01-20 01:40:05 +0000 UTC |

Live-Hack-CVE/CVE-2012-4388 The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction betw CVE project by @Sn0wAlice Create: 2023-01-20 01:39:59 +0000 UTC Push: 2023-01-20 01:40:01 +0000 UTC |

Live-Hack-CVE/CVE-2014-3981 acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. CVE project by @Sn0wAlice Create: 2023-01-20 01:39:55 +0000 UTC Push: 2023-01-20 01:39:57 +0000 UTC |

Live-Hack-CVE/CVE-2014-3538 file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-20 CVE project by @Sn0wAlice Create: 2023-01-20 01:39:50 +0000 UTC Push: 2023-01-20 01:39:53 +0000 UTC |

Live-Hack-CVE/CVE-2014-4698 Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments. CVE project by @Sn0wAlice Create: 2023-01-20 01:39:46 +0000 UTC Push: 2023-01-20 01:39:49 +0000 UTC |

Live-Hack-CVE/CVE-2009-2687 The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. CVE project by @Sn0wAlice Create: 2023-01-20 01:39:42 +0000 UTC Push: 2023-01-20 01:39:45 +0000 UTC |

Live-Hack-CVE/CVE-2015-2326 The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/". CVE project by @Sn0wAlice Create: 2023-01-20 01:39:38 +0000 UTC Push: 2023-01-20 01:39:41 +0000 UTC |