GHSA-HFFM-XVC3-VPRC simple-git is vulnerable to Remote Code Execution

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

Remote Code Execution (RCE)

Overview simple-git is a light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrust...

VirusBlokAda VBA32 Buffer Error Vulnerability

VirusBlokAda VBA32 is an anti-virus software from the Belarusian company VirusBlokAda. It is used for personal computers running Microsoft Windows. It detects and eliminates computer viruses, computer worms, Trojan horses and other malware backdoors, adware, spyware, etc. in real time on demand. ...

PT-2024-19871 · Unknown · Vba32M64.Sys +1

Name of the Vulnerable Software and Affected Versions: Vba32 Antivirus version 3.36.0 Description: The issue is related to a Denial of Service vulnerability. It can be triggered by using the 0x2220A7 IOCTL code of the Vba32m64.sys driver. Recommendations: For Vba32 Antivirus version 3.36.0,...

SUSE CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

Juniper Junos OS Multiple Vulnerabilities (JSA69705)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69705 advisory. - DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL...

Design/Logic Flaw

Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection...

CVE-2021-43961

CVE-2021-43961 affects Sonatype Nexus Repository Manager 3.36.0 (NXS/NXRM). The connected sources specify a HTML Injection vulnerability in this version. No exploit vectors, exploit status, or remediation details are provided in the available documents. The reports consistently describe the issue...

2context (>=0.1.0 <=0.2.0), 2ndopinion-cli (>=0.1.0 <=0.12.0) +7392 more potentially affected by CVE-2022-24433 via simple-git (>=3.0.3 <=3.36.0)

simple-git NPM version =3.0.3, =0.1.0, =0.1.0, =0.16.0, =0.0.112-rc1, =1.0.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.0, =1.25.0, =2.0.0, =1.0.3, =1.1.0, =0.1.0, =0.3.0 and more Source cves: CVE-2022-24433 Source advisory: SNYK:JS-SIMPLEGIT-2421199...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2021-2740)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2021-2773)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2021-2644)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-8484 CVE-2021-36690 affecting package sqlite for versions less than 3.36.0-3

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

CVE-2021-36690

DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentional...

CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

Design/Logic Flaw

DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentional...

SQLite 缓冲区错误漏洞

SQLite is a self-sufficient, serverless, zero-configuration, transactional SQL database engine. idxGetTableInfo function in SQLite version 3.36.0 is vulnerable to a segmentation error. An attacker could exploit the vulnerability via a specially crafted SQL query to cause a denial of service...

CVE-2021-36690

CVE-2021-36690: A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via idxGetTableInfo when given a crafted SQL query. The vendor disputes the relevance (user already has full privileges). Public details note remediation via package upgrades; Debian LTS advi...

Security update for sqlite3 (important)

openSUSE Security Update: Security update for sqlite3 Announcement ID: openSUSE-SU-2021:1058-1 Rating: important References: 1157818 1158812 1158958 1158959 1158960 1159491 1159715 1159847 1159850 1160309 1160438 1160439 1164719 1172091 1172115 1172234 1172236 1172240 1173641 928700 928701...