dolby360/CVE-2022-27518_POC A POC on how to exploit CVE-2022-27518 Create: 2023-01-18 03:40:04 +0000 UTC Push: 2023-01-18 03:40:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-21555 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21556, CVE-2023-21679. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:39 +0000 UTC Push: 2023-01-18 03:15:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-4121 In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:21 +0000 UTC Push: 2023-01-18 03:15:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-41861 A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:16 +0000 UTC Push: 2023-01-18 03:15:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-41860 In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:12 +0000 UTC Push: 2023-01-18 03:15:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-41859 In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:08 +0000 UTC Push: 2023-01-18 03:15:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-41858 A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. CVE project by @Sn0wAlice Create: 2023-01-18 03:15:03 +0000 UTC Push: 2023-01-18 03:15:06 +0000 UTC |

Live-Hack-CVE/CVE-2018-14628 An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:59 +0000 UTC Push: 2023-01-18 03:15:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-0158 NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to crash. If the built-in CVE project by @Sn0wAlice Create: 2023-01-18 03:14:54 +0000 UTC Push: 2023-01-18 03:14:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4621 Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:50 +0000 UTC Push: 2023-01-18 03:14:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-3091 RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:46 +0000 UTC Push: 2023-01-18 03:14:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-2893 RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files. CVE project by @Sn0wAlice Create: 2023-01-18 03:14:41 +0000 UTC Push: 2023-01-18 03:14:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-0338 Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice Create: 2023-01-18 02:06:46 +0000 UTC Push: 2023-01-18 02:06:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-0337 Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice Create: 2023-01-18 02:06:42 +0000 UTC Push: 2023-01-18 02:06:45 +0000 UTC |

Live-Hack-CVE/CVE-2016-15021 A vulnerability was found in nickzren alsdb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version v2 is able to address this issue. The name of the patch is cbc79a68145e845f951113d184b4de207c341599. It is recommended to upgrade the affe CVE project by @Sn0wAlice Create: 2023-01-18 02:06:37 +0000 UTC Push: 2023-01-18 02:06:41 +0000 UTC |

Live-Hack-CVE/CVE-2015-10061 A vulnerability was found in evandro-machado Trabalho-Web2. It has been classified as critical. This affects an unknown part of the file src/java/br/com/magazine/dao/ClienteDAO.java. The manipulation leads to sql injection. The name of the patch is f59ac954625d0a4f6d34f069a2e26686a7a20aeb. It is recommended to apply a CVE project by @Sn0wAlice Create: 2023-01-18 02:06:32 +0000 UTC Push: 2023-01-18 02:06:35 +0000 UTC |

Live-Hack-CVE/CVE-2013-10013 A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql injection. Upgrading to version 1.39 is CVE project by @Sn0wAlice Create: 2023-01-18 02:06:28 +0000 UTC Push: 2023-01-18 02:06:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-21549 Windows SMB Witness Service Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-18 02:06:19 +0000 UTC Push: 2023-01-18 02:06:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-21551 Microsoft Cryptographic Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21561, CVE-2023-21730. CVE project by @Sn0wAlice Create: 2023-01-18 02:06:14 +0000 UTC Push: 2023-01-18 02:06:16 +0000 UTC |

xeno-john/joomla_CVE-2017-8917 Project for the Cyberspace Security class. Create: 2023-01-18 01:47:22 +0000 UTC Push: 2023-01-18 01:47:22 +0000 UTC |