Live-Hack-CVE/CVE-2023-0024 SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in Cross-Site Scripting CVE project by @Sn0wAlice Create: 2023-02-14 14:26:30 +0000 UTC Push: 2023-02-14 14:26:32 +0000 UTC |

Live-Hack-CVE/CVE-2023-0020 SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrity of the application. CVE project by @Sn0wAlice Create: 2023-02-14 14:26:27 +0000 UTC Push: 2023-02-14 14:26:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-0019 In SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A V8100, GRCPINW V1100_700, GRCPINW V1100_731, GRCPINW V1200_750, remote-enabled function module in the proprietary SAP solution enables an authenticated attacker with minimal privileges to access all the confidential data stored in the database. Successful CVE project by @Sn0wAlice Create: 2023-02-14 14:26:23 +0000 UTC Push: 2023-02-14 14:26:25 +0000 UTC |

timpen432/-Wh0Am1001-CVE-2023-21753 Create: 2023-02-14 12:43:39 +0000 UTC Push: 2023-02-17 11:43:16 +0000 UTC |

zwlsix/KeePass-CVE-2023-24055 KeePass CVE-2023-24055复现 Create: 2023-02-14 12:01:20 +0000 UTC Push: 2023-02-14 12:01:20 +0000 UTC |

Live-Hack-CVE/CVE-2023-0804 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:44 +0000 UTC Push: 2023-02-14 09:52:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-0803 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:40 +0000 UTC Push: 2023-02-14 09:52:43 +0000 UTC |

Live-Hack-CVE/CVE-2023-0802 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:37 +0000 UTC Push: 2023-02-14 09:52:39 +0000 UTC |

Live-Hack-CVE/CVE-2023-0801 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:33 +0000 UTC Push: 2023-02-14 09:52:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-0800 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:29 +0000 UTC Push: 2023-02-14 09:52:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-0799 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:25 +0000 UTC Push: 2023-02-14 09:52:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-0798 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:22 +0000 UTC Push: 2023-02-14 09:52:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0797 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:18 +0000 UTC Push: 2023-02-14 09:52:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-0796 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:15 +0000 UTC Push: 2023-02-14 09:52:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-0795 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:11 +0000 UTC Push: 2023-02-14 09:52:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-0518 An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. It was possible to trigger a DoS attack by uploading a malicious Helm chart. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:08 +0000 UTC Push: 2023-02-14 09:52:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-4138 A Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1. An attacker could take over a project if an Owner or Maintainer uploads a file to a malicious project. CVE project by @Sn0wAlice Create: 2023-02-14 09:52:04 +0000 UTC Push: 2023-02-14 09:52:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-3759 An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child pipelines and make a sidekiq CVE project by @Sn0wAlice Create: 2023-02-14 09:52:00 +0000 UTC Push: 2023-02-14 09:52:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-3411 A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage. CVE project by @Sn0wAlice Create: 2023-02-14 09:51:55 +0000 UTC Push: 2023-02-14 09:51:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-0776 Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been test CVE project by @Sn0wAlice Create: 2023-02-14 07:42:07 +0000 UTC Push: 2023-02-14 07:42:10 +0000 UTC |