PT-2025-35201
Name of the Vulnerable Software and Affected Versions: Payload versions prior to 3.44.0. Description: A session fixation issue existed in Payload's SQLite adapter due to identifier reuse during account creation. An attacker could create an account, save its JSON Web Token (JWT), delete the account,...
[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1
Arnie Cabral, Thu, 08/28/2025 - 11:18. Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components Apache, PHP, sqlit...
RockyLinux 8 : nodejs:22 (RLSA-2025:11803)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:11803 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note tha...
FreeBSD : SQLite -- application crash (6989312e-8366-11f0-9bc6-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6989312e-8366-11f0-9bc6-b42e991fc52e advisory. [email protected] reports: In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config in th...
CVE-2025-50983
SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlma...
PT-2025-34881 · Unknown · Diskover-Web
Name of the Vulnerable Software and Affected Versions: diskover-web version 2.3.0. Description: The application is susceptible to multiple boolean-based blind SQL injection flaws in its Elasticsearch configuration form. Improper input validation and parameterization in JSON-based query constructio...
PT-2025-34877 · Readarr · Readarr
Name of the Vulnerable Software and Affected Versions: readarr version 0.4.15.2787. Description: A SQL Injection issue exists in readarr that allows attackers to inject and execute arbitrary SQL commands against the backend SQLite database. The /api/v1/wanted/cutoff API endpoint does not properly...
Linux Distros Unpatched Vulnerability : CVE-2023-32697
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. Thi...
TencentOS Server 4: sqlite (TSSA-2025:0702)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0702 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2025-6965 affecting package sqlite for versions less than 3.44.0-2
CVE-2025-6965 affecting package sqlite for versions less than 3.44.0-2. A patched version of the package is available...
Exploit for Out-of-bounds Write in Php
Task Management APP CVE-2019-11043 Lab Minimal PHP app with...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.0.6)
The version of AOS installed on the remote host is prior to 7.3.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.0.6 advisory. - LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 related to LZ4_compress_destSize, affecting applications that...
Alibaba Cloud Linux 3 : 0140: mingw-sqlite (ALINUX3-SA-2025:0140)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0140 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-6965: There exists a vulnerability in SQLi...
ROS-20250825-06
A vulnerability in the Aggregate Term Handler component of the SQLite database management system is related to numeric truncation errors. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of the SQLit...
[Important] [Security] Vulnerability Fix in sqlite (CVE-2025-6965) for VzLinux 7.9
This update fixes the vulnerability in sqlite registered as CVE-2025-6965...
CLSA-2025-1755885175 Fix CVE(s): CVE-2025-29088
SECURITY UPDATE: denial of service via sqlite3_db_config argument values - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec. Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088...
Astra Linux – Vulnerability in SQLite3
There is a vulnerability in SQLite versions before 3.50.2, where the number of aggregate terms can exceed the number of available columns. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or higher...