17 matches found
Security Bulletin: AIX/VIOS is vulnerable to arbitrary code execution (CVE-2025-3277, CVE-2025-29087) and denial of service (CVE-2025-29088) due to RPM
Summary Vulnerabilities in RPM could allow an attacker to execute arbitrary code CVE-2025-3277, CVE-2025-29087 or cause a denial of service CVE-2025-29088. RPM is used by AIX for package management. Vulnerability Details CVEID:CVE-2025-3277 DESCRIPTION: An integer overflow can be triggered in...
AIX is vulnerable to arbitrary code execution (CVE-2025-3277 CVE-2025-29087) and denial of service (CVE-2025-29088) due to RPM
IBM SECURITY ADVISORY First Issued: Thu Jul 17 09:32:10 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory3.asc Security Bulletin: AIX is vulnerable to arbitrary code execution CVE-2025-3277, CVE-2025-29087 and denial ...
SUSE: Security Advisory (SUSE-SU-2025:01456-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:01455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:1456-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7528-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7528-1 sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled the concatws function. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, and Ubuntu 24.10. CVE-2025-29087, CVE-2025-3277 It w...
openSUSE Security Advisory (SUSE-SU-2025:1456-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libsqlite3-0-3.49.1-3.1 on GA media (moderate)
libsqlite3-0-3.49.1-3.1 on GA media Announcement ID: openSUSE-SU-2025:14991-1 Rating: moderate Cross-References: CVE-2025-29087 CVE-2025-29088 CVSS scores: CVE-2025-29087 SUSE : 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L CVE-2025-29087 SUSE : 5.9...
SQLite 3.44.0 - 3.49.0 Multiple Vulnerabilities
SQLite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sqlite:sqlite"; ifdescription...
SUSE CVE-2025-29087
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...
Linux Distros Unpatched Vulnerability : CVE-2025-29087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the...
DEBIAN-CVE-2025-29087
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...
CVE-2025-29087
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...
UBUNTU-CVE-2025-29087
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...
CVE-2025-29087
creationtimestamp| type| source ---|---|--- 2025-04-07 19:45:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10762 2025-04-07 22:55:44+00:00| seen| https://t.me/cvedetector/22344 2025-04-08 15:48:09+00:00| seen|...
SQLite report about CVE-2025-29087
Duplicate of CVE-2025-3277...