Live-Hack-CVE/CVE-2023-23899 Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:07 +0000 UTC Push: 2023-02-18 01:48:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-45701 Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:04 +0000 UTC Push: 2023-02-18 01:48:06 +0000 UTC |

Live-Hack-CVE/CVE-2020-29168 SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:00 +0000 UTC Push: 2023-02-18 01:48:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-21431 Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:55 +0000 UTC Push: 2023-02-18 01:47:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-21433 Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:52 +0000 UTC Push: 2023-02-18 01:47:54 +0000 UTC |

Live-Hack-CVE/CVE-2023-21443 Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:49 +0000 UTC Push: 2023-02-18 01:47:51 +0000 UTC |

Live-Hack-CVE/CVE-2023-21444 Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:45 +0000 UTC Push: 2023-02-18 01:47:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-21447 Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:41 +0000 UTC Push: 2023-02-18 01:47:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-21448 Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:38 +0000 UTC Push: 2023-02-18 01:47:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-21450 Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:34 +0000 UTC Push: 2023-02-18 01:47:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-23007 An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:29 +0000 UTC Push: 2023-02-18 01:47:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-47986 IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 CVE project by @Sn0wAlice Create: 2023-02-18 01:47:25 +0000 UTC Push: 2023-02-18 01:47:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-23592 WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:21 +0000 UTC Push: 2023-02-18 01:47:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-21940 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:17 +0000 UTC Push: 2023-02-18 01:47:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-45699 Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:13 +0000 UTC Push: 2023-02-18 01:47:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-48301 The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled. CVE project by @Sn0wAlice Create: 2023-02-17 23:37:11 +0000 UTC Push: 2023-02-17 23:37:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-48296 The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices. CVE project by @Sn0wAlice Create: 2023-02-17 23:37:08 +0000 UTC Push: 2023-02-17 23:37:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-0575 External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with CVE project by @Sn0wAlice Create: 2023-02-17 23:37:04 +0000 UTC Push: 2023-02-17 23:37:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-48295 The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications). CVE project by @Sn0wAlice Create: 2023-02-17 23:37:00 +0000 UTC Push: 2023-02-17 23:37:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-48294 The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality. CVE project by @Sn0wAlice Create: 2023-02-17 23:36:54 +0000 UTC Push: 2023-02-17 23:36:56 +0000 UTC |