Live-Hack-CVE/CVE-2023-0634 An uncontrolled process operation was found in the newgrp command provided by the shadow-utils package. This issue could cause the execution of arbitrary code provided by a user when running the newgrp command. CVE project by @Sn0wAlice Create: 2023-02-03 10:06:16 +0000 UTC Push: 2023-02-03 10:06:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-0658 A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220053 w CVE project by @Sn0wAlice Create: 2023-02-03 10:06:10 +0000 UTC Push: 2023-02-03 10:06:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-38389 IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975. CVE project by @Sn0wAlice Create: 2023-02-03 10:06:06 +0000 UTC Push: 2023-02-03 10:06:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-22486 IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328. CVE project by @Sn0wAlice Create: 2023-02-03 10:06:03 +0000 UTC Push: 2023-02-03 10:06:05 +0000 UTC |

Live-Hack-CVE/CVE-2018-3993 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-03 07:55:56 +0000 UTC Push: 2023-02-03 07:55:58 +0000 UTC |

Live-Hack-CVE/CVE-2018-3995 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious CVE project by @Sn0wAlice Create: 2023-02-03 07:55:53 +0000 UTC Push: 2023-02-03 07:55:55 +0000 UTC |

Live-Hack-CVE/CVE-2018-3994 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-03 07:55:49 +0000 UTC Push: 2023-02-03 07:55:52 +0000 UTC |

Live-Hack-CVE/CVE-2018-3996 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious CVE project by @Sn0wAlice Create: 2023-02-03 07:55:46 +0000 UTC Push: 2023-02-03 07:55:48 +0000 UTC |

Live-Hack-CVE/CVE-2018-3946 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious f CVE project by @Sn0wAlice Create: 2023-02-03 07:55:42 +0000 UTC Push: 2023-02-03 07:55:44 +0000 UTC |

Live-Hack-CVE/CVE-2018-3945 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-03 07:55:38 +0000 UTC Push: 2023-02-03 07:55:41 +0000 UTC |

Live-Hack-CVE/CVE-2018-3943 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious CVE project by @Sn0wAlice Create: 2023-02-03 07:55:35 +0000 UTC Push: 2023-02-03 07:55:37 +0000 UTC |

Live-Hack-CVE/CVE-2018-3944 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious CVE project by @Sn0wAlice Create: 2023-02-03 07:55:32 +0000 UTC Push: 2023-02-03 07:55:34 +0000 UTC |

Live-Hack-CVE/CVE-2018-3942 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious CVE project by @Sn0wAlice Create: 2023-02-03 07:55:28 +0000 UTC Push: 2023-02-03 07:55:30 +0000 UTC |

Live-Hack-CVE/CVE-2018-3941 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malic CVE project by @Sn0wAlice Create: 2023-02-03 07:55:25 +0000 UTC Push: 2023-02-03 07:55:27 +0000 UTC |

Live-Hack-CVE/CVE-2018-3939 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious CVE project by @Sn0wAlice Create: 2023-02-03 07:55:21 +0000 UTC Push: 2023-02-03 07:55:23 +0000 UTC |

Live-Hack-CVE/CVE-2018-3940 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger. CVE project by @Sn0wAlice Create: 2023-02-03 07:55:18 +0000 UTC Push: 2023-02-03 07:55:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-48114 RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable. CVE project by @Sn0wAlice Create: 2023-02-03 07:55:13 +0000 UTC Push: 2023-02-03 07:55:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-48113 A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials. CVE project by @Sn0wAlice Create: 2023-02-03 07:55:10 +0000 UTC Push: 2023-02-03 07:55:12 +0000 UTC |

Live-Hack-CVE/CVE-2020-15654 When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects CVE project by @Sn0wAlice Create: 2023-02-03 07:55:06 +0000 UTC Push: 2023-02-03 07:55:09 +0000 UTC |

Live-Hack-CVE/CVE-2020-15653 An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. CVE project by @Sn0wAlice Create: 2023-02-03 07:55:03 +0000 UTC Push: 2023-02-03 07:55:05 +0000 UTC |