Live-Hack-CVE/CVE-2023-23279 Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:30 +0000 UTC Push: 2023-02-18 06:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-43579 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted CVE project by @Sn0wAlice Create: 2023-02-18 06:13:27 +0000 UTC Push: 2023-02-18 06:13:29 +0000 UTC |

Live-Hack-CVE/CVE-2022-40231 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:23 +0000 UTC Push: 2023-02-18 06:13:25 +0000 UTC |

Live-Hack-CVE/CVE-2022-34351 IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:20 +0000 UTC Push: 2023-02-18 06:13:22 +0000 UTC |

Live-Hack-CVE/CVE-2022-33934 Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:15 +0000 UTC Push: 2023-02-18 06:13:18 +0000 UTC |

Live-Hack-CVE/CVE-2021-34250 ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2021-33396. Reason: This record is a duplicate of CVE-2021-33396. Notes: All CVE users should reference CVE-2021-33396 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:12 +0000 UTC Push: 2023-02-18 06:13:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-34376 Dell PowerEdge BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:07 +0000 UTC Push: 2023-02-18 06:13:09 +0000 UTC |

Live-Hack-CVE/CVE-2023-24809 NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared syst CVE project by @Sn0wAlice Create: 2023-02-18 06:13:03 +0000 UTC Push: 2023-02-18 06:13:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-23923 The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:00 +0000 UTC Push: 2023-02-18 06:13:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-23922 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attack CVE project by @Sn0wAlice Create: 2023-02-18 06:12:56 +0000 UTC Push: 2023-02-18 06:12:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-23921 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a CVE project by @Sn0wAlice Create: 2023-02-18 06:12:52 +0000 UTC Push: 2023-02-18 06:12:55 +0000 UTC |

Live-Hack-CVE/CVE-2023-21451 A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:49 +0000 UTC Push: 2023-02-18 06:12:51 +0000 UTC |

Live-Hack-CVE/CVE-2023-21420 Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:45 +0000 UTC Push: 2023-02-18 06:12:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-21446 Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:41 +0000 UTC Push: 2023-02-18 06:12:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-24348 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:38 +0000 UTC Push: 2023-02-18 06:12:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-24349 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:35 +0000 UTC Push: 2023-02-18 06:12:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-24352 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:31 +0000 UTC Push: 2023-02-18 06:12:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21445 Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:28 +0000 UTC Push: 2023-02-18 06:12:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-24350 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:24 +0000 UTC Push: 2023-02-18 06:12:26 +0000 UTC |

eduardosantos1989/CVE-2023-22941 In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) crashes the Splunk daemon (splunkd). CVE project by @Sn0wAlice Create: 2023-02-18 05:26:05 +0000 UTC Push: 2023-02-18 05:27:43 +0000 UTC |