Live-Hack-CVE/CVE-2023-22850 Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call. CVE project by @Sn0wAlice Create: 2023-01-26 04:05:15 +0000 UTC Push: 2023-01-26 04:05:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-21860 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal Operations). Supported versions that are affected are 7.4.38 and prior, 7.5.28 and prior, 7.6.24 and prior and 8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical commu CVE project by @Sn0wAlice Create: 2023-01-26 01:54:52 +0000 UTC Push: 2023-01-26 01:54:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-38469 An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. CVE project by @Sn0wAlice Create: 2023-01-26 01:54:47 +0000 UTC Push: 2023-01-26 01:54:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-22875 IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356. CVE project by @Sn0wAlice Create: 2023-01-26 01:54:36 +0000 UTC Push: 2023-01-26 01:54:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-40319 The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account. CVE project by @Sn0wAlice Create: 2023-01-26 01:54:31 +0000 UTC Push: 2023-01-26 01:54:33 +0000 UTC |

Live-Hack-CVE/CVE-2022-3650 A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information. CVE project by @Sn0wAlice Create: 2023-01-26 01:54:25 +0000 UTC Push: 2023-01-26 01:54:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-22499 Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permi CVE project by @Sn0wAlice Create: 2023-01-26 01:54:21 +0000 UTC Push: 2023-01-26 01:54:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-43494 An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. CVE project by @Sn0wAlice Create: 2023-01-26 01:54:16 +0000 UTC Push: 2023-01-26 01:54:18 +0000 UTC |

Live-Hack-CVE/CVE-2022-46331 An unauthorized user could possibly delete any file on the system. CVE project by @Sn0wAlice Create: 2023-01-26 01:54:12 +0000 UTC Push: 2023-01-26 01:54:15 +0000 UTC |

Live-Hack-CVE/CVE-2023-21882 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner CVE project by @Sn0wAlice Create: 2023-01-25 23:42:48 +0000 UTC Push: 2023-01-25 23:42:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-21887 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabilit CVE project by @Sn0wAlice Create: 2023-01-25 23:42:44 +0000 UTC Push: 2023-01-25 23:42:46 +0000 UTC |

Live-Hack-CVE/CVE-2023-21886 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle VM VirtualBox. CVE project by @Sn0wAlice Create: 2023-01-25 23:42:40 +0000 UTC Push: 2023-01-25 23:42:42 +0000 UTC |

Live-Hack-CVE/CVE-2023-21885 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise CVE project by @Sn0wAlice Create: 2023-01-25 23:42:36 +0000 UTC Push: 2023-01-25 23:42:39 +0000 UTC |

Live-Hack-CVE/CVE-2023-21884 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise CVE project by @Sn0wAlice Create: 2023-01-25 23:42:32 +0000 UTC Push: 2023-01-25 23:42:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-21889 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise CVE project by @Sn0wAlice Create: 2023-01-25 23:42:29 +0000 UTC Push: 2023-01-25 23:42:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-21888 Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: WebUI). Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to com CVE project by @Sn0wAlice Create: 2023-01-25 23:42:24 +0000 UTC Push: 2023-01-25 23:42:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-21892 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bus CVE project by @Sn0wAlice Create: 2023-01-25 23:42:20 +0000 UTC Push: 2023-01-25 23:42:23 +0000 UTC |

Live-Hack-CVE/CVE-2023-21890 Vulnerability in the Oracle Communications Converged Application Server product of Oracle Communications (component: Core). Supported versions that are affected are 7.1.0 and 8.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via UDP to compromise Oracle Communications Converg CVE project by @Sn0wAlice Create: 2023-01-25 23:42:17 +0000 UTC Push: 2023-01-25 23:42:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-21893 Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful attacks require human i CVE project by @Sn0wAlice Create: 2023-01-25 23:42:12 +0000 UTC Push: 2023-01-25 23:42:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-21900 Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interac CVE project by @Sn0wAlice Create: 2023-01-25 23:42:08 +0000 UTC Push: 2023-01-25 23:42:10 +0000 UTC |