Live-Hack-CVE/CVE-2022-46660 An unauthorized user could alter or write files with full control over the path and content of the file. CVE project by @Sn0wAlice Create: 2023-01-18 09:53:31 +0000 UTC Push: 2023-01-18 09:53:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21835 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated at CVE project by @Sn0wAlice Create: 2023-01-18 09:53:27 +0000 UTC Push: 2023-01-18 09:53:30 +0000 UTC |

Live-Hack-CVE/CVE-2022-39429 Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability CVE project by @Sn0wAlice Create: 2023-01-18 09:53:23 +0000 UTC Push: 2023-01-18 09:53:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-21832 Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 5.9.0.0.0, 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle BI Publisher CVE project by @Sn0wAlice Create: 2023-01-18 09:53:18 +0000 UTC Push: 2023-01-18 09:53:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-21830 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacke CVE project by @Sn0wAlice Create: 2023-01-18 09:53:13 +0000 UTC Push: 2023-01-18 09:53:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-21827 Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database Data Redaction CVE project by @Sn0wAlice Create: 2023-01-18 09:53:08 +0000 UTC Push: 2023-01-18 09:53:11 +0000 UTC |

Live-Hack-CVE/CVE-2023-21825 Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupplier Portal. Successful atta CVE project by @Sn0wAlice Create: 2023-01-18 09:53:03 +0000 UTC Push: 2023-01-18 09:53:06 +0000 UTC |

Live-Hack-CVE/CVE-2010-10006 A vulnerability, which was classified as problematic, was found in michaelliao jopenid. Affected is the function getAuthentication of the file JOpenId/src/org/expressme/openid/OpenIdManager.java. The manipulation leads to observable timing discrepancy. Upgrading to version 1.08 is able to address this issue. The name o CVE project by @Sn0wAlice Create: 2023-01-18 09:52:58 +0000 UTC Push: 2023-01-18 09:53:01 +0000 UTC |

Live-Hack-CVE/CVE-2016-1583 The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. CVE project by @Sn0wAlice Create: 2023-01-18 07:41:03 +0000 UTC Push: 2023-01-18 07:41:06 +0000 UTC |

Live-Hack-CVE/CVE-2016-2070 The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:59 +0000 UTC Push: 2023-01-18 07:41:02 +0000 UTC |

Live-Hack-CVE/CVE-2016-3135 Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:55 +0000 UTC Push: 2023-01-18 07:40:58 +0000 UTC |

Live-Hack-CVE/CVE-2016-4440 arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:50 +0000 UTC Push: 2023-01-18 07:40:53 +0000 UTC |

Live-Hack-CVE/CVE-2016-4557 The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:46 +0000 UTC Push: 2023-01-18 07:40:49 +0000 UTC |

Live-Hack-CVE/CVE-2014-9914 Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sock CVE project by @Sn0wAlice Create: 2023-01-18 07:40:42 +0000 UTC Push: 2023-01-18 07:40:45 +0000 UTC |

Live-Hack-CVE/CVE-2016-4565 The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:37 +0000 UTC Push: 2023-01-18 07:40:40 +0000 UTC |

Live-Hack-CVE/CVE-2015-3288 mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:33 +0000 UTC Push: 2023-01-18 07:40:36 +0000 UTC |

Live-Hack-CVE/CVE-2014-9904 The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SND CVE project by @Sn0wAlice Create: 2023-01-18 07:40:28 +0000 UTC Push: 2023-01-18 07:40:31 +0000 UTC |

Live-Hack-CVE/CVE-2014-6416 Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:24 +0000 UTC Push: 2023-01-18 07:40:27 +0000 UTC |

Live-Hack-CVE/CVE-2014-7145 The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:20 +0000 UTC Push: 2023-01-18 07:40:23 +0000 UTC |

Live-Hack-CVE/CVE-2013-1059 net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:16 +0000 UTC Push: 2023-01-18 07:40:19 +0000 UTC |