Live-Hack-CVE/CVE-2023-25576 @fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an unlimited number of fi CVE project by @Sn0wAlice Create: 2023-02-15 02:32:45 +0000 UTC Push: 2023-02-15 02:32:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-22564 Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. CVE project by @Sn0wAlice Create: 2023-02-15 02:32:41 +0000 UTC Push: 2023-02-15 02:32:43 +0000 UTC |

Live-Hack-CVE/CVE-2021-46023 An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash. CVE project by @Sn0wAlice Create: 2023-02-15 02:32:37 +0000 UTC Push: 2023-02-15 02:32:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-24557 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code CVE project by @Sn0wAlice Create: 2023-02-14 23:17:15 +0000 UTC Push: 2023-02-14 23:17:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-24556 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code CVE project by @Sn0wAlice Create: 2023-02-14 23:17:11 +0000 UTC Push: 2023-02-14 23:17:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-24555 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code CVE project by @Sn0wAlice Create: 2023-02-14 23:17:07 +0000 UTC Push: 2023-02-14 23:17:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-24554 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code CVE project by @Sn0wAlice Create: 2023-02-14 23:17:03 +0000 UTC Push: 2023-02-14 23:17:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-24553 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code CVE project by @Sn0wAlice Create: 2023-02-14 23:16:59 +0000 UTC Push: 2023-02-14 23:17:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-24552 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute cod CVE project by @Sn0wAlice Create: 2023-02-14 23:16:55 +0000 UTC Push: 2023-02-14 23:16:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-24551 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the CVE project by @Sn0wAlice Create: 2023-02-14 23:16:51 +0000 UTC Push: 2023-02-14 23:16:54 +0000 UTC |

Live-Hack-CVE/CVE-2023-24550 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to heap-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of CVE project by @Sn0wAlice Create: 2023-02-14 23:16:47 +0000 UTC Push: 2023-02-14 23:16:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-24549 A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context o CVE project by @Sn0wAlice Create: 2023-02-14 23:16:44 +0000 UTC Push: 2023-02-14 23:16:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-24482 A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All CVE project by @Sn0wAlice Create: 2023-02-14 23:16:40 +0000 UTC Push: 2023-02-14 23:16:42 +0000 UTC |

Live-Hack-CVE/CVE-2023-23835 A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Applications using Mendix 8 (All versions < V8.18.23), Mendix Applications using Mendix 9 (All versions < V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.10), Mendix Applications using CVE project by @Sn0wAlice Create: 2023-02-14 23:16:36 +0000 UTC Push: 2023-02-14 23:16:38 +0000 UTC |

Live-Hack-CVE/CVE-2022-47977 A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. CVE project by @Sn0wAlice Create: 2023-02-14 23:16:32 +0000 UTC Push: 2023-02-14 23:16:35 +0000 UTC |

Live-Hack-CVE/CVE-2022-47936 A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application con CVE project by @Sn0wAlice Create: 2023-02-14 23:16:28 +0000 UTC Push: 2023-02-14 23:16:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-35868 A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions). Affected applications contain an untrusted search path vulnera CVE project by @Sn0wAlice Create: 2023-02-14 23:16:24 +0000 UTC Push: 2023-02-14 23:16:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-31808 A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitra CVE project by @Sn0wAlice Create: 2023-02-14 23:16:20 +0000 UTC Push: 2023-02-14 23:16:23 +0000 UTC |

Live-Hack-CVE/CVE-2023-25149 TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run with a locked down `search CVE project by @Sn0wAlice Create: 2023-02-14 23:16:16 +0000 UTC Push: 2023-02-14 23:16:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-25141 Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDNI and RMI. Users of CVE project by @Sn0wAlice Create: 2023-02-14 23:16:12 +0000 UTC Push: 2023-02-14 23:16:15 +0000 UTC |