Live-Hack-CVE/CVE-2023-21761 Microsoft Exchange Server Information Disclosure Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 03:34:07 +0000 UTC Push: 2023-01-19 03:34:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-21763 Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21764. CVE project by @Sn0wAlice Create: 2023-01-19 03:34:02 +0000 UTC Push: 2023-01-19 03:34:06 +0000 UTC |

Live-Hack-CVE/CVE-2015-10038 A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The name of the patch is 28f8b0550104044da09f04659797487c59f85b00. It is recommended to apply a patch to fix this issue. The associated ident CVE project by @Sn0wAlice Create: 2023-01-19 03:33:54 +0000 UTC Push: 2023-01-19 03:33:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-21757 Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 03:33:50 +0000 UTC Push: 2023-01-19 03:33:53 +0000 UTC |

NurSec747/CVE-2022-46104---POC Create: 2023-01-19 01:41:06 +0000 UTC Push: 2023-01-19 01:41:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-0385 The Custom 404 Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.7.1. This is due to missing or incorrect nonce validation on the custom_404_pro_admin_init function. This makes it possible for unauthenticated attackers to delete logs, via forged request granted the CVE project by @Sn0wAlice Create: 2023-01-19 01:23:54 +0000 UTC Push: 2023-01-19 01:23:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-47881 Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:50 +0000 UTC Push: 2023-01-19 01:23:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-45103 Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:45 +0000 UTC Push: 2023-01-19 01:23:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-21725 Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:41 +0000 UTC Push: 2023-01-19 01:23:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-21683 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2023-21677, CVE-2023-21758. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:35 +0000 UTC Push: 2023-01-19 01:23:39 +0000 UTC |

Live-Hack-CVE/CVE-2023-21724 Microsoft DWM Core Library Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:31 +0000 UTC Push: 2023-01-19 01:23:34 +0000 UTC |

Live-Hack-CVE/CVE-2023-21768 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:26 +0000 UTC Push: 2023-01-19 01:23:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-21767 Windows Overlay Filter Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:21 +0000 UTC Push: 2023-01-19 01:23:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-21558 Windows Error Reporting Service Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:17 +0000 UTC Push: 2023-01-19 01:23:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-21682 Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:13 +0000 UTC Push: 2023-01-19 01:23:15 +0000 UTC |

Live-Hack-CVE/CVE-2023-21766 Windows Overlay Filter Information Disclosure Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:08 +0000 UTC Push: 2023-01-19 01:23:11 +0000 UTC |

Live-Hack-CVE/CVE-2020-20412 lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146. CVE project by @Sn0wAlice Create: 2023-01-19 01:23:04 +0000 UTC Push: 2023-01-19 01:23:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-46463 ** DISPUTED ** An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature." CVE project by @Sn0wAlice Create: 2023-01-19 01:23:00 +0000 UTC Push: 2023-01-19 01:23:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-46505 An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data. CVE project by @Sn0wAlice Create: 2023-01-19 01:22:55 +0000 UTC Push: 2023-01-19 01:22:58 +0000 UTC |

Live-Hack-CVE/CVE-2021-4314 It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. This is happening only in the situation when zOSMF doesn’t have the APAR PH12143 applied. This issue affects: 1.16 versions to 1.19. What happens is that the services using the ZAAS c CVE project by @Sn0wAlice Create: 2023-01-19 01:22:51 +0000 UTC Push: 2023-01-19 01:22:54 +0000 UTC |