GiovanniCrudo00/Docker-Vulnerabilities-CVE-2019-5736- Docker container vulnerabilities exploiting CVE-2019-5736 Create: 2023-01-24 03:04:56 +0000 UTC Push: 2023-01-24 03:04:56 +0000 UTC |

GiovanniCrudo00/Docker-Vulnerabilities-CVE-2019-5736 Docker container vulnerabilities exploiting CVE-2019-5736 Create: 2023-01-24 03:04:56 +0000 UTC Push: 2023-01-31 16:23:00 +0000 UTC |

Live-Hack-CVE/CVE-2023-22947 ** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\P CVE project by @Sn0wAlice Create: 2023-01-24 01:23:23 +0000 UTC Push: 2023-01-24 01:23:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-21592 Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim mus CVE project by @Sn0wAlice Create: 2023-01-24 01:23:19 +0000 UTC Push: 2023-01-24 01:23:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-21591 Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim mus CVE project by @Sn0wAlice Create: 2023-01-24 01:23:15 +0000 UTC Push: 2023-01-24 01:23:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-21590 Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVE project by @Sn0wAlice Create: 2023-01-24 01:23:11 +0000 UTC Push: 2023-01-24 01:23:13 +0000 UTC |

Live-Hack-CVE/CVE-2018-1000820 neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c. CVE project by @Sn0wAlice Create: 2023-01-24 01:23:07 +0000 UTC Push: 2023-01-24 01:23:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-38725 An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. CVE project by @Sn0wAlice Create: 2023-01-24 01:23:01 +0000 UTC Push: 2023-01-24 01:23:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-46472 Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /hss/classes/Users.php?f=delete. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:51 +0000 UTC Push: 2023-01-24 01:22:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-46371 Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message contains the default administrator user name. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:47 +0000 UTC Push: 2023-01-24 01:22:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-22597 InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could interce CVE project by @Sn0wAlice Create: 2023-01-24 01:22:44 +0000 UTC Push: 2023-01-24 01:22:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-25027 The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to bypass authentication and access restricted pages by validating the user's session token when the "Password forgotten?" button is clicked. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:38 +0000 UTC Push: 2023-01-24 01:22:41 +0000 UTC |

Live-Hack-CVE/CVE-2017-16299 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:35 +0000 UTC Push: 2023-01-24 01:22:37 +0000 UTC |

Live-Hack-CVE/CVE-2017-16297 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:31 +0000 UTC Push: 2023-01-24 01:22:33 +0000 UTC |

Live-Hack-CVE/CVE-2017-16298 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:26 +0000 UTC Push: 2023-01-24 01:22:29 +0000 UTC |

Live-Hack-CVE/CVE-2017-16296 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:21 +0000 UTC Push: 2023-01-24 01:22:25 +0000 UTC |

Live-Hack-CVE/CVE-2017-16295 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-24 01:22:18 +0000 UTC Push: 2023-01-24 01:22:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-46372 Alotcer - AR7088H-A firmware version 16.10.3 Command execution Improper validation of unspecified input field may allow Authenticated command execution. CVE project by @Sn0wAlice Create: 2023-01-24 01:22:14 +0000 UTC Push: 2023-01-24 01:22:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-0440 Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository healthchecks/healthchecks prior to v2.6. CVE project by @Sn0wAlice Create: 2023-01-24 00:16:46 +0000 UTC Push: 2023-01-24 00:16:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-0438 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-01-24 00:16:42 +0000 UTC Push: 2023-01-24 00:16:44 +0000 UTC |