122 matches found
MINI-3277-M7MX-WF3V
Bulletin has no description...
MINI-72F5-3277-8QQR
Bulletin has no description...
CVE-2026-3277
The OpenID Connect OIDC authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client secret in cleartext in the .universal/authentication.ps1 script, which allows an attacker with read access to that file to obtain the OIDC client credentials...
MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...
Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2025-3277)
An integer overflow can be triggered in SQLite's 'concatws' function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...
Linux Distros Unpatched Vulnerability : CVE-2025-3277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow can be triggered in SQLite's concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes...
RockyLinux 10 : sqlite (RLSA-2025:7517)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7517 advisory. SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that...
RLSA-2025:7517 Important: sqlite security update
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
Security update for bluez
This update for bluez fixes the following issues: CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security Bulletin: Multiple vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerabilities have been identified that affect IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-23166 DESCRIPTION: The C++ method...
Oracle Linux 10 : sqlite (ELSA-2025-11933)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11933 advisory. - Fix CVE-2025-6965 - Fix for CVE-2025-3277 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
RockyLinux 8 : nodejs:22 (RLSA-2025:4459)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4459 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the preceding...
RLSA-2025:7433 Important: nodejs:22 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...
RLSA-2025:4459 Important: nodejs:22 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...
Security Bulletin: AIX/VIOS is vulnerable to arbitrary code execution (CVE-2025-3277, CVE-2025-29087) and denial of service (CVE-2025-29088) due to RPM
Summary Vulnerabilities in RPM could allow an attacker to execute arbitrary code CVE-2025-3277, CVE-2025-29087 or cause a denial of service CVE-2025-29088. RPM is used by AIX for package management. Vulnerability Details CVEID:CVE-2025-3277 DESCRIPTION: An integer overflow can be triggered in...
AIX is vulnerable to arbitrary code execution (CVE-2025-3277 CVE-2025-29087) and denial of service (CVE-2025-29088) due to RPM
IBM SECURITY ADVISORY First Issued: Thu Jul 17 09:32:10 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory3.asc Security Bulletin: AIX is vulnerable to arbitrary code execution CVE-2025-3277, CVE-2025-29087 and denial ...
SUSE: Security Advisory (SUSE-SU-2025:01456-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:01455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 10 : sqlite (ELSA-2025-7517)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7517 advisory. - Fix for CVE-2025-3277 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...
RHEL 10 : sqlite (RHSA-2025:7517)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7517 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...