sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query

A NULL pointer dereference flaw was found in the matchinfo auxiliary function of the SQLite FTS3 extension module. This flaw allows an attacker who can execute SQL statements to crash the application, resulting in a denial of service...

EulerOS 2.0 SP9 : unbound (EulerOS-SA-2020-2423)

According to the version of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP...

F5 Networks BIG-IP : BIND vulnerability (K82252291)

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

ISC BIND 9.10.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS

According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.10.x prior to 9.11.22, 9.12.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS. If BIND is built with --enable-native-pkcs11...

CVE-2020-8623

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

ALPINE-CVE-2020-8623

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

CVE-2020-8623

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

CVE-2020-8623

A flaw was found in bind. An assertion failure can occur when a specially crafted query for a zone signed with an RSA key. BIND must be compiled with "--enable-native-pkcs11" for the system to be affected. The highest threat from this vulnerability is to system availability...

CVE-2019-16244

OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query...

CVE-2019-16244

OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query...

Security feature bypass

OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query...

CVE-2019-16244

OMERO.server contains a vulnerability (CVE-2019-16244) affecting versions prior to 5.6.1 where a crafted query can bypass security filters and access hidden objects. The issue is documented across multiple sources (NVD entry and CNVD/CVE references) with a high-severity impact (CVSS 3.1: Critical...

CVE-2019-16244

OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query...

[ASA-202006-11] sqlite: arbitrary code execution

Arch Linux Security Advisory ASA-202006-11 ========================================== Severity: High Date : 2020-06-28 CVE-ID : CVE-2020-13871 Package : sqlite Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1182 Summary ======= The package sqlite before...

CVE-2020-13632

ext/fts3/fts3snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo query...

CVE-2015-5230

The DNS packet parsing/generation code in PowerDNS aka pdns Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service crash via crafted query packets...

CVE-2015-5230

The DNS packet parsing/generation code in PowerDNS aka pdns Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service crash via crafted query packets...

PYSEC-2019-172

In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...

PT-2019-12792 · Apache · Apache Incubator Superset

Name of the Vulnerable Software and Affected Versions: Apache Incubator Superset versions prior to 0.31 Description: The issue allows a user to query database metadata information from a database they have no access to, by using a specially crafted complex query. Recommendations: For versions pri...

CVE-2019-16866

Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule...