sqlite3:ossfuzz: Heap-buffer-overflow in whereLoopAddBtreeIndex

Detailed Report: https://oss-fuzz.com/testcase?key=6503337062301696 Project: sqlite3 Fuzzing Engine: honggfuzz Fuzz Target: ossfuzz Job Type: honggfuzzasansqlite3 Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address: 0x60f0000003b8 Crash State: whereLoopAddBtreeIndex...

FreeBSD : several security issues in sqlite3 (c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3)

sqlite3 update : Various security issues could be used by an attacker to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. - CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed...

Ubuntu: Security Advisory (USN-4394-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4394-1 sqlite3 vulnerabilities

It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-8740 It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker cou...

sqlite3:ossfuzz: Use-of-uninitialized-value in sqlite3Atoi64

Detailed Report: https://oss-fuzz.com/testcase?key=5706433432911872 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3Atoi64 computeNumericType numericType...

Debian DLA-2221-1 : sqlite3

An integer overflow vulnerability was found in the sqlite3strvappendf function of the src/printf.c file of sqlite3 from version 3.8.3. For Debian 8 'Jessie', this problem has been fixed in version 3.8.7.1-1+deb8u6. We recommend that you upgrade your sqlite3 packages. NOTE: Tenable Network Securit...

Debian: Security Advisory (DLA-2221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2221-1] sqlite3

Package : sqlite3 Version : 3.8.7.1-1+deb8u6 CVE ID : CVE-2020-13434 An integer overflow vulnerability was found in the sqlite3strvappendf function of the src/printf.c file of sqlite3 from version 3.8.3. For Debian 8 "Jessie", this problem has been fixed in version 3.8.7.1-1+deb8u6. We recommend...

DLA-2221-1 sqlite3 - security update

Bulletin has no description...

AZL-38614 CVE-2020-13434 affecting package ceph for versions less than 18.2.1-1

SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c...

[SECURITY] [DLA 2203-1] sqlite3 security update

Package : sqlite3 Version : 3.8.7.1-1+deb8u5 CVE ID : CVE-2020-11655 It was discovered that there was a denial of service attack in the SQLite database, often embedded into other programs and servers. In the event of a semantic error in an aggregate query, SQLite did not return early from the...

DLA-2203-1 sqlite3 - security update

Bulletin has no description...

SeedDMS 5.1.18 Persistent Cross Site Scripting

Document Title: =============== SeedDMS v5.1.18 - Multiple Persistent Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2209 Release Date: ============= 2020-04-15 Vulnerability Laboratory ID VL-ID: ====================================...

sqlite3:ossfuzz: Use-of-uninitialized-value in sqlite3Atoi64

Detailed Report: https://oss-fuzz.com/testcase?key=5676952943067136 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3Atoi64 computeNumericType numericType...

Fedora 30 : php (2020-ce5a2a7403)

PHP version 7.3.16 19 Mar 2020 Core: - Fixed bug php63206 restoreerrorhandler does not restore previous errors mask. Mark Plomer DOM: - Fixed bug php77569: Write Access Violation in DomImplementation. Nikita, cmb - Fixed bug php79271 DOMDocumentType::$childNodes is NULL. cmb Enchant: - Fixed bug...

Fedora 31 : php (2020-0bf228857a)

PHP version 7.3.16 19 Mar 2020 Core: - Fixed bug php63206 restoreerrorhandler does not restore previous errors mask. Mark Plomer DOM: - Fixed bug php77569: Write Access Violation in DomImplementation. Nikita, cmb - Fixed bug php79271 DOMDocumentType::$childNodes is NULL. cmb Enchant: - Fixed bug...

10-Strike Network Inventory Explorer 8.54 - Add Local Buffer Overflow (SEH)

10-Strike Network Inventory Explorer 8.54 - Add Local Buffer Overflow SEH Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link:...

10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on:...

10-Strike Network Inventory Explorer 8.54 Buffer Overflow

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on:...

Ubuntu: Security Advisory (USN-4298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...