33 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-36191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an xsrf field, as demonstrated by a /hub/api/user request to add or remove a user...
CVE-2021-36191
A URL redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an attacker to use the device as a proxy via crafted GET parameters in requests to error handlers...
Fortinet FortiWeb Open redirect due to missing domain whitelisting (FG-IR-21-133)
The version of FortiWeb installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-133 advisory. - A URL redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows...
Photon OS 5.0: Sqlite PHSA-2023-5.0-0089
An update of the sqlite package has been released.
Photon OS 4.0: Telegraf PHSA-2023-4.0-0428
An update of the telegraf package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0428. The text itself is copyright (C) VMware, Inc.
CVE-2024-36191
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...
CVE-2024-36191
CVE-2024-36191 affects Adobe Experience Manager 6.5.20 and earlier with a stored XSS in vulnerable form fields. The issue allows malicious JavaScript to execute in a victim’s browser when visiting pages containing the affected fields. CVSS 3.1 base score 5.4 (Medium); attack vector NETWORK, attac...
RHEL 9 : sqlite (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sqlite: use-after-free bug in jsonParseAddNodeArray CVE-2024-0232 - Rejected reason: DO NOT USE THIS...
EulerOS Virtualization 2.11.1 : sqlite (EulerOS-SA-2023-3369)
According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further...
EulerOS Virtualization 2.11.0 : sqlite (EulerOS-SA-2023-3387)
According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further...
EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2023-3022)
According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showe...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-3387)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-3022)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-3045)
The remote host is missing an update for the Huawei EulerOS...
OESA-2023-1484 sqlite security update
SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...
OESA-2023-1486 sqlite security update
SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...
CVE-2023-36191
A segmentation fault was discovered in SQLite. This issue exists due to a boundary error within the /sqlite3aflpp/shell.c which could allow a local user to send a specially crafted request to the database to trigger memory corruption and perform a denial of service (DoS) attack...
CVE-2023-36191
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2023-36191
sqlite3 v3.40.1 was discovered to contain a segmentation violation at /sqlite3aflpp/shell.c...
CVE-2023-36191
Removed by vendor...