Live-Hack-CVE/CVE-2022-34670 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure. CVE project by @Sn0wAlice Create: 2023-01-01 00:42:01 +0000 UTC Push: 2023-01-01 00:42:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-34669 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that are critical to the application, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data CVE project by @Sn0wAlice Create: 2023-01-01 00:41:58 +0000 UTC Push: 2023-01-01 00:41:59 +0000 UTC |

Live-Hack-CVE/CVE-2017-20155 A vulnerability was found in Sterc Google Analytics Dashboard for MODX up to 1.0.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file core/components/analyticsdashboardwidget/elements/tpl/widget.analytics.tpl of the component Internal Search. The manipulation le CVE project by @Sn0wAlice Create: 2023-01-01 00:41:54 +0000 UTC Push: 2023-01-01 00:41:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-48195 An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best case, but (if paired with a remote end th CVE project by @Sn0wAlice Create: 2023-01-01 00:41:51 +0000 UTC Push: 2023-01-01 00:41:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-4867 Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:47 +0000 UTC Push: 2023-01-01 00:41:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-4866 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:43 +0000 UTC Push: 2023-01-01 00:41:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-4865 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:40 +0000 UTC Push: 2023-01-01 00:41:42 +0000 UTC |

Live-Hack-CVE/CVE-2022-4868 Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:37 +0000 UTC Push: 2023-01-01 00:41:39 +0000 UTC |

Live-Hack-CVE/CVE-2017-20157 A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to upgrade the affected comp CVE project by @Sn0wAlice Create: 2023-01-01 00:41:34 +0000 UTC Push: 2023-01-01 00:41:36 +0000 UTC |

Live-Hack-CVE/CVE-2017-20156 A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command injection. The name of the patch is 5f8c715d6e2cc000f621a6833f0a86a67 CVE project by @Sn0wAlice Create: 2023-01-01 00:41:30 +0000 UTC Push: 2023-01-01 00:41:32 +0000 UTC |

Live-Hack-CVE/CVE-2017-20159 A vulnerability was found in rf Keynote up to 0.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.0.0 is able to ad CVE project by @Sn0wAlice Create: 2023-01-01 00:41:27 +0000 UTC Push: 2023-01-01 00:41:29 +0000 UTC |

Live-Hack-CVE/CVE-2017-20158 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scr CVE project by @Sn0wAlice Create: 2023-01-01 00:41:24 +0000 UTC Push: 2023-01-01 00:41:26 +0000 UTC |

Live-Hack-CVE/CVE-2020-8813 graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. CVE project by @Sn0wAlice Create: 2023-01-01 00:41:20 +0000 UTC Push: 2023-01-01 00:41:22 +0000 UTC |

Live-Hack-CVE/CVE-2020-25706 A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field CVE project by @Sn0wAlice Create: 2023-01-01 00:41:17 +0000 UTC Push: 2023-01-01 00:41:19 +0000 UTC |

Live-Hack-CVE/CVE-2020-23226 Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. CVE project by @Sn0wAlice Create: 2023-01-01 00:37:42 +0000 UTC Push: 2023-01-01 00:37:44 +0000 UTC |

Vicki568/CVE-2022-21907 Poc exploit in CVE-2022-21907 . And testing the presence of cve Create: 2022-12-31 17:58:28 +0000 UTC Push: 2022-12-31 17:58:29 +0000 UTC |

pmihsan/-Dirty-Pipe-CVE-2022-0847 Create: 2022-12-31 01:17:44 +0000 UTC Push: 2022-12-31 01:17:45 +0000 UTC |

Live-Hack-CVE/CVE-2022-38229 XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. CVE project by @Sn0wAlice Create: 2022-12-30 14:02:49 +0000 UTC Push: 2022-12-30 14:02:52 +0000 UTC |

Live-Hack-CVE/CVE-2021-0188 Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. CVE project by @Sn0wAlice Create: 2022-12-30 13:21:21 +0000 UTC Push: 2022-12-30 13:21:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-2568 A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges. CVE project by @Sn0wAlice Create: 2022-12-30 12:39:59 +0000 UTC Push: 2022-12-30 12:40:02 +0000 UTC |