Live-Hack-CVE/CVE-2023-21825 Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupplier Portal. Successful atta CVE project by @Sn0wAlice Create: 2023-01-18 09:53:03 +0000 UTC Push: 2023-01-18 09:53:06 +0000 UTC |

Live-Hack-CVE/CVE-2010-10006 A vulnerability, which was classified as problematic, was found in michaelliao jopenid. Affected is the function getAuthentication of the file JOpenId/src/org/expressme/openid/OpenIdManager.java. The manipulation leads to observable timing discrepancy. Upgrading to version 1.08 is able to address this issue. The name o CVE project by @Sn0wAlice Create: 2023-01-18 09:52:58 +0000 UTC Push: 2023-01-18 09:53:01 +0000 UTC |

Live-Hack-CVE/CVE-2016-1583 The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. CVE project by @Sn0wAlice Create: 2023-01-18 07:41:03 +0000 UTC Push: 2023-01-18 07:41:06 +0000 UTC |

Live-Hack-CVE/CVE-2016-2070 The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:59 +0000 UTC Push: 2023-01-18 07:41:02 +0000 UTC |

Live-Hack-CVE/CVE-2016-3135 Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:55 +0000 UTC Push: 2023-01-18 07:40:58 +0000 UTC |

Live-Hack-CVE/CVE-2016-4440 arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:50 +0000 UTC Push: 2023-01-18 07:40:53 +0000 UTC |

Live-Hack-CVE/CVE-2016-4557 The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:46 +0000 UTC Push: 2023-01-18 07:40:49 +0000 UTC |

Live-Hack-CVE/CVE-2014-9914 Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sock CVE project by @Sn0wAlice Create: 2023-01-18 07:40:42 +0000 UTC Push: 2023-01-18 07:40:45 +0000 UTC |

Live-Hack-CVE/CVE-2016-4565 The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:37 +0000 UTC Push: 2023-01-18 07:40:40 +0000 UTC |

Live-Hack-CVE/CVE-2015-3288 mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:33 +0000 UTC Push: 2023-01-18 07:40:36 +0000 UTC |

Live-Hack-CVE/CVE-2014-9904 The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SND CVE project by @Sn0wAlice Create: 2023-01-18 07:40:28 +0000 UTC Push: 2023-01-18 07:40:31 +0000 UTC |

Live-Hack-CVE/CVE-2014-6416 Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:24 +0000 UTC Push: 2023-01-18 07:40:27 +0000 UTC |

Live-Hack-CVE/CVE-2014-7145 The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:20 +0000 UTC Push: 2023-01-18 07:40:23 +0000 UTC |

Live-Hack-CVE/CVE-2013-1059 net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:16 +0000 UTC Push: 2023-01-18 07:40:19 +0000 UTC |

Live-Hack-CVE/CVE-2013-4247 Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length. CVE project by @Sn0wAlice Create: 2023-01-18 07:40:12 +0000 UTC Push: 2023-01-18 07:40:14 +0000 UTC |

Live-Hack-CVE/CVE-2012-6704 The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a craf CVE project by @Sn0wAlice Create: 2023-01-18 07:40:07 +0000 UTC Push: 2023-01-18 07:40:10 +0000 UTC |

Live-Hack-CVE/CVE-2012-6703 Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_P CVE project by @Sn0wAlice Create: 2023-01-18 07:40:03 +0000 UTC Push: 2023-01-18 07:40:05 +0000 UTC |

Live-Hack-CVE/CVE-2012-6701 Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. CVE project by @Sn0wAlice Create: 2023-01-18 07:39:58 +0000 UTC Push: 2023-01-18 07:40:02 +0000 UTC |

Live-Hack-CVE/CVE-2012-3400 Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. CVE project by @Sn0wAlice Create: 2023-01-18 07:39:54 +0000 UTC Push: 2023-01-18 07:39:56 +0000 UTC |

Live-Hack-CVE/CVE-2012-6638 The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663. CVE project by @Sn0wAlice Create: 2023-01-18 07:39:49 +0000 UTC Push: 2023-01-18 07:39:53 +0000 UTC |