Live-Hack-CVE/CVE-2023-22491 Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configuration, unless input i CVE project by @Sn0wAlice Create: 2023-01-17 23:56:54 +0000 UTC Push: 2023-01-17 23:56:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-22489 Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply permission or lock status. This includes users that don't have a validated em CVE project by @Sn0wAlice Create: 2023-01-17 23:56:50 +0000 UTC Push: 2023-01-17 23:56:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-48091 Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting (XSS) via process_update_profile.php. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:45 +0000 UTC Push: 2023-01-17 23:56:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-48090 Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:41 +0000 UTC Push: 2023-01-17 23:56:44 +0000 UTC |

Live-Hack-CVE/CVE-2017-20170 A vulnerability was found in ollpu parontalli. It has been classified as critical. Affected is an unknown function of the file httpdocs/index.php. The manipulation of the argument s leads to sql injection. The name of the patch is 6891bb2dec57dca6daabc15a6d2808c8896620e5. It is recommended to apply a patch to fix this CVE project by @Sn0wAlice Create: 2023-01-17 23:56:30 +0000 UTC Push: 2023-01-17 23:56:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21547 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:24 +0000 UTC Push: 2023-01-17 23:56:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-21546 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21555, CVE-2023-21556, CVE-2023-21679. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:18 +0000 UTC Push: 2023-01-17 23:56:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-21543 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21679. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:14 +0000 UTC Push: 2023-01-17 23:56:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-21550 Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21540, CVE-2023-21559. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:08 +0000 UTC Push: 2023-01-17 23:56:11 +0000 UTC |

Live-Hack-CVE/CVE-2023-21559 Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21540, CVE-2023-21550. CVE project by @Sn0wAlice Create: 2023-01-17 23:56:04 +0000 UTC Push: 2023-01-17 23:56:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-21561 Microsoft Cryptographic Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21551, CVE-2023-21730. CVE project by @Sn0wAlice Create: 2023-01-17 23:55:59 +0000 UTC Push: 2023-01-17 23:56:01 +0000 UTC |

nu0l/CVE-2022-46463 CVE-2022-46463(POC) Create: 2023-01-17 22:58:14 +0000 UTC Push: 2023-01-17 22:58:15 +0000 UTC |

brookeses69/CVE-2014-5460 CVE-2014-5460 Create: 2023-01-17 20:35:56 +0000 UTC Push: 2023-01-17 20:35:57 +0000 UTC |

Live-Hack-CVE/CVE-2021-26385 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-17 19:32:17 +0000 UTC Push: 2023-01-17 19:32:19 +0000 UTC |

Live-Hack-CVE/CVE-2021-26319 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-17 19:32:13 +0000 UTC Push: 2023-01-17 19:32:15 +0000 UTC |

Live-Hack-CVE/CVE-2021-26358 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-17 19:32:08 +0000 UTC Push: 2023-01-17 19:32:11 +0000 UTC |

Live-Hack-CVE/CVE-2021-26357 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-17 19:32:04 +0000 UTC Push: 2023-01-17 19:32:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-23589 The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. CVE project by @Sn0wAlice Create: 2023-01-17 19:31:59 +0000 UTC Push: 2023-01-17 19:32:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-0332 A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file admin/manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to CVE project by @Sn0wAlice Create: 2023-01-17 19:31:55 +0000 UTC Push: 2023-01-17 19:31:58 +0000 UTC |

Live-Hack-CVE/CVE-2022-46891 An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0. CVE project by @Sn0wAlice Create: 2023-01-17 19:31:50 +0000 UTC Push: 2023-01-17 19:31:54 +0000 UTC |