Lucene search
K

31 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in SQLite3

The ext/fts3/fts3.c file in SQLite before version 3.32.0 contains a use-after-free in the fts3EvalNextRow function, which is related to the snippet feature...

7CVSS7.1AI score0.0103EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in SQLite3

SQLite version 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c...

5.5CVSS6.8AI score0.0064EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/13 4:35 p.m.10 views

Command Injection

Overview simple-git is a light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Command Injection through improper option parsing in the clone method. An attacker can execute arbitrary system commands by supplying specially...

9.8CVSS6AI score0.02712EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-28291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - simple-git enables running native Git commands from JavaScript. Versions up to and including 3.31.1 allow execution of arbitrary commands through Git option...

9.8CVSS6AI score0.02712EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.8 views

PT-2026-32486

Name of the Vulnerable Software and Affected Versions simple-git versions prior to 3.32.0 Description The library allows the execution of arbitrary commands through the manipulation of Git options. This occurs because the unsafe operations plugin uses a regular-expression-based blocklist to preve...

8.1CVSS5.9AI score0.00652EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-11459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from...

5.5CVSS6.3AI score0.01443EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.15 views

F5 Networks BIG-IP : SQLite vulnerability (K000148494)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000148494 advisory. SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c...

5.5CVSS6.7AI score0.0062EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/28 12:0 a.m.20 views

openSUSE Security Advisory (SUSE-SU-2024:2786-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.9AI score0.01257EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2024:2766-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.9AI score0.01257EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2024:2786-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.9AI score0.01257EPSS
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2024/06/30 2:0 p.m.4 views

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

...

5.5CVSS6.8AI score0.00571EPSS
Exploits0
Patchstack
Patchstack
added 2024/05/30 12:0 a.m.15 views

WordPress YITH WooCommerce Wishlist Plugin <= 3.32.0 is vulnerable to Cross Site Scripting (XSS)

Software YITH WooCommerce Wishlist Type Plugin Vulnerable versions = 3.32.0 Fixed in 3.33.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34385 Patch priority Low CVSS severity Low 5.9 Developer YITH PSID 293b2a23f462 Credits savphill Required privilege...

5.9CVSS6.6AI score0.00261EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/14 12:15 a.m.11 views

CVE-2024-28251

Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching the live status of quer...

7.3CVSS5.4AI score0.00239EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.3 views

Querybook Data Falsification Issue Vulnerability

Querybook is an open source big data query UI for Pinterest. A data forgery issue vulnerability exists in Querybook versions prior to 3.32.0, which stems from the presence of cross-site websocket hijacking that allows an attacker to read/edit/delete a user's data document...

7.3CVSS6.6AI score0.00239EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.6 views

PT-2024-22367 · Querybook · Querybook

Name of the Vulnerable Software and Affected Versions: Querybook versions prior to 3.32.0 Description: The issue concerns Querybook, a Big Data Querying UI that combines collocated table metadata and a simple notebook interface. Querybook's datadocs functionality uses a Websocket Server, allowing...

5.6CVSS6.6AI score0.00239EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/07/18 12:0 a.m.5 views

matrix-react-sdk 跨站脚本漏洞

matrix-react-sdk is a Matrix open source component for inserting the Matrix chat/voip client into web pages. A cross-site scripting vulnerability exists in matrix-react-sdk versions 3.32.0 through 3.76.0, which stems from the Export Chat feature containing certain attacker-controlled elements in...

6.1CVSS5.3AI score0.00448EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/01/10 12:0 a.m.37 views

SQLite < 3.32.0 Multiple Vulnerabilities

SQLite is prone to multiple vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.8AI score0.01067EPSS
Exploits0References2
Broadcom
Broadcom
added 2021/05/10 12:0 a.m.14 views

BSA-2020-945

Security Advisory ID : BSA-2020-945 Component : SQLite Revision : 1.0 Various SQLite issues seen in SQLite versions through 3.31.1. CVE-2020-11656 - CVSS3.1 - 9.8 In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a...

9.8CVSS7.2AI score0.07407EPSS
Exploits2
CNVD
CNVD
added 2020/05/28 12:0 a.m.3 views

SQLite Resource Management Error Vulnerability (CNVD-2020-31117)

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. A resource management error vulnerability exists in the 'snippet'...

7CVSS8.3AI score0.0103EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/28 12:0 a.m.2 views

SQLite Unauthorized Operation Vulnerability

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. There is a security vulnerability in versions prior to SQLite 3.32.0...

5.5CVSS8.5AI score0.0062EPSS
Exploits0References1
Rows per page
Query Builder