Live-Hack-CVE/CVE-2022-25978 All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. CVE project by @Sn0wAlice Create: 2023-02-15 14:47:09 +0000 UTC Push: 2023-02-15 14:47:11 +0000 UTC |

Small-ears/CVE-2023-0297 poc Create: 2023-02-15 14:28:40 +0000 UTC Push: 2023-02-15 14:28:41 +0000 UTC |

bypazs/CVE-2023-26982 Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. Create: 2023-02-15 12:49:38 +0000 UTC Push: 2023-03-29 02:00:52 +0000 UTC |

Live-Hack-CVE/CVE-2023-23618 Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patc CVE project by @Sn0wAlice Create: 2023-02-15 10:18:05 +0000 UTC Push: 2023-02-15 10:18:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-23381 Visual Studio Remote Code Execution Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 10:18:01 +0000 UTC Push: 2023-02-15 10:18:03 +0000 UTC |

Live-Hack-CVE/CVE-2023-22743 Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This potentially allows users wit CVE project by @Sn0wAlice Create: 2023-02-15 10:17:58 +0000 UTC Push: 2023-02-15 10:18:00 +0000 UTC |

Live-Hack-CVE/CVE-2022-29557 LexisNexis Firco Compliance Link 3.7 allows CSRF. CVE project by @Sn0wAlice Create: 2023-02-15 10:17:38 +0000 UTC Push: 2023-02-15 10:17:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-21823 Windows Graphics Component Remote Code Execution Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:06:14 +0000 UTC Push: 2023-02-15 08:06:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-21815 Visual Studio Remote Code Execution Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:06:10 +0000 UTC Push: 2023-02-15 08:06:12 +0000 UTC |

Live-Hack-CVE/CVE-2023-21808 .NET and Visual Studio Remote Code Execution Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:06:07 +0000 UTC Push: 2023-02-15 08:06:09 +0000 UTC |

Live-Hack-CVE/CVE-2023-21778 Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:06:03 +0000 UTC Push: 2023-02-15 08:06:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-21567 Visual Studio Denial of Service Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:05:59 +0000 UTC Push: 2023-02-15 08:06:01 +0000 UTC |

Live-Hack-CVE/CVE-2023-21566 Visual Studio Elevation of Privilege Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:05:54 +0000 UTC Push: 2023-02-15 08:05:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-21553 Azure DevOps Server Remote Code Execution Vulnerability CVE project by @Sn0wAlice Create: 2023-02-15 08:05:51 +0000 UTC Push: 2023-02-15 08:05:53 +0000 UTC |

Live-Hack-CVE/CVE-2017-7487 The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface. CVE project by @Sn0wAlice Create: 2023-02-15 08:05:47 +0000 UTC Push: 2023-02-15 08:05:49 +0000 UTC |

Live-Hack-CVE/CVE-2017-7482 In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escal CVE project by @Sn0wAlice Create: 2023-02-15 08:05:43 +0000 UTC Push: 2023-02-15 08:05:45 +0000 UTC |

Live-Hack-CVE/CVE-2017-7541 The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet. CVE project by @Sn0wAlice Create: 2023-02-15 08:05:39 +0000 UTC Push: 2023-02-15 08:05:42 +0000 UTC |

Live-Hack-CVE/CVE-2017-7374 Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely. CVE project by @Sn0wAlice Create: 2023-02-15 08:05:36 +0000 UTC Push: 2023-02-15 08:05:38 +0000 UTC |

Live-Hack-CVE/CVE-2023-23074 Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component. CVE project by @Sn0wAlice Create: 2023-02-15 08:05:26 +0000 UTC Push: 2023-02-15 08:05:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-25724 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE project by @Sn0wAlice Create: 2023-02-15 08:05:20 +0000 UTC Push: 2023-02-15 08:05:23 +0000 UTC |