K000138425: SQLite vulnerability CVE-2023-7104

Security Advisory Description A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow...

RHEL 8 : sqlite (RHSA-2024:0589)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0589 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

Amazon Linux 2 : firefox (ALASFIREFOX-2024-020)

The version of firefox installed on the remote host is prior to 115.6.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2FIREFOX-2024-020 advisory. A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function...

Important: firefox

Issue Overview: A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is...

Rocky Linux 8 : sqlite (RLSA-2024:0253)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0253 advisory. - A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file...

Use After Free

sqlite3 is vulnerable to a Heap Based Use After Free. The vulnerability is caused due to a flaw in function jsonParseAddNodeArray within sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and...

Ubuntu: Security Advisory (USN-6566-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-7104

A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur. Mitigation Mitigation for this issue is either not available or...

CVE-2023-7104

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a...

CVE-2023-7104 SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a...

CVE-2023-7104

CVE-2023-7104 : SQLite3 up to 3.43.0 is vulnerable in the extension code, specifically the function sessionReadRecord in ext/session/sqlite3session.c. The issue permits a heap-based buffer overflow due to improper input validation, as described in multiple sources (including Brocade security note...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.1011)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.1011 advisory. - Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0...

SUSE: Security Advisory (SUSE-SU-2023:4619-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sqlite3 (SUSE-SU-2023:4619-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4619-1 advisory. - Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to...

SUSE-SU-2023:4619-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - CVE-2023-2137: Fixed heap buffer overflow bsc1210660...

SUSE: Security Advisory (SUSE-SU-2023:4576-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2023:4576-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4576-1 advisory. - Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption v...

SUSE-SU-2023:4576-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - CVE-2023-2137: Fixed heap buffer overflow bsc1210660...

Ubuntu 16.04 LTS / 18.04 LTS : Berkeley DB vulnerability (USN-4004-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4004-1 advisory. It was discovered that Berkeley DB incorrectly handled certain inputs. An attacker could possibly use this issue to read sensitive information. Tenabl...

DorXNG - Next Generation DorX. Built By Dorks, For Dorks

DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On the backend it leverages a purpose built containerized image of SearXNG, a self-hosted, hackable, privacy focused, meta-search engine. Our SearXNG...