Live-Hack-CVE/CVE-2023-0417 Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:04:03 +0000 UTC Push: 2023-02-02 02:04:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-0415 iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:59 +0000 UTC Push: 2023-02-02 02:04:02 +0000 UTC |

Live-Hack-CVE/CVE-2019-13767 Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:55 +0000 UTC Push: 2023-02-02 02:03:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-0413 Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:51 +0000 UTC Push: 2023-02-02 02:03:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-0414 Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:47 +0000 UTC Push: 2023-02-02 02:03:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-0412 TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:43 +0000 UTC Push: 2023-02-02 02:03:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-0411 Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice Create: 2023-02-02 02:03:40 +0000 UTC Push: 2023-02-02 02:03:42 +0000 UTC |

Live-Hack-CVE/CVE-2019-10957 Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution withi CVE project by @Sn0wAlice Create: 2023-02-02 02:03:36 +0000 UTC Push: 2023-02-02 02:03:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-25350 All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:33 +0000 UTC Push: 2023-02-02 02:03:35 +0000 UTC |

Live-Hack-CVE/CVE-2020-22327 An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS code is triggered when the administrator views the information. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:29 +0000 UTC Push: 2023-02-02 02:03:31 +0000 UTC |

Live-Hack-CVE/CVE-2018-3964 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-02 02:03:24 +0000 UTC Push: 2023-02-02 02:03:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-21192 All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join(). CVE project by @Sn0wAlice Create: 2023-02-02 02:03:21 +0000 UTC Push: 2023-02-02 02:03:23 +0000 UTC |

Live-Hack-CVE/CVE-2014-4982 LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:17 +0000 UTC Push: 2023-02-02 02:03:19 +0000 UTC |

Live-Hack-CVE/CVE-2014-4984 Déjà Vu Crescendo Sales CRM has remote SQL Injection CVE project by @Sn0wAlice Create: 2023-02-02 02:03:13 +0000 UTC Push: 2023-02-02 02:03:15 +0000 UTC |

Live-Hack-CVE/CVE-2019-14302 On Ricoh SP C250DN 1.06 devices, a debug port can be used. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:09 +0000 UTC Push: 2023-02-02 02:03:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-29843 A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user. CVE project by @Sn0wAlice Create: 2023-02-02 02:03:05 +0000 UTC Push: 2023-02-02 02:03:08 +0000 UTC |

Live-Hack-CVE/CVE-2019-14301 Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2). CVE project by @Sn0wAlice Create: 2023-02-02 02:03:02 +0000 UTC Push: 2023-02-02 02:03:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-29844 A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:58 +0000 UTC Push: 2023-02-02 02:03:00 +0000 UTC |

Live-Hack-CVE/CVE-2020-22452 SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:54 +0000 UTC Push: 2023-02-02 02:02:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-31704 The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. CVE project by @Sn0wAlice Create: 2023-02-02 02:02:50 +0000 UTC Push: 2023-02-02 02:02:52 +0000 UTC |