The vulnerability of the command-line interface of the SQLite database management system allows a hacker to gain unauthorized access to prohibited user functions.
The vulnerability of the command-line interface of the SQLite database management system is related to errors in the implementation of the azAllowedFunctions protection mechanism. Exploiting this vulnerability can allow an attacker to gain unauthorized access to prohibited user functions...
The vulnerability of Apache Superset’s data visualization software lies in insufficient validation of input data. This allows attackers to create arbitrary files and gain unauthorized access to protected information.
The vulnerability of Apache Superset’s data visualization software relates to the use of alternative driver names during database import. Exploiting this vulnerability allows an attacker to create arbitrary files and gain unauthorized access to protected information by connecting to SQLite...
Medium: php
Issue Overview: A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf, it is possible to force the function to return a single apostrophe if the function is called...
Improper Input Validation
apache-superset is vulnerable to Improper Input Validation. The vulnerability allows an attacker to trick a user into potentially registering a SQLite database connection incorrectly if an attacker employs alternative driver names such as sqlite+pysqlite or utilizes database imports. This...
OESA-2023-1622 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
The vulnerability of the library for accessing and creating SQLite JDBC files is related to improper code generation. This allows an attacker to execute arbitrary code.
The vulnerability of the library for accessing and creating SQLite JDBC files is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Security Bulletin: There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-32697)
Summary: There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2023-32697. DESCRIPTION: SQLite JDBC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw when JDB...
Security Bulletin: There is a vulnerability in SQLite JDBC used by IBM Maximo Asset Management (CVE-2023-32697)
Summary: There is a vulnerability in SQLite JDBC used by IBM Maximo Asset Management. Vulnerability Details: CVEID: CVE-2023-32697. DESCRIPTION: SQLite JDBC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw when JDBC url is attacker controlled. By...
Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update version 2.1.1 plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions...
Oracle Linux 8 : sqlite (ELSA-2020-1810)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1810 advisory. - Fixed CVE-2019-13752 1786529 - Fixed CVE-2019-13753 1786535 - Fixed CVE-2019-13734 1786509 - Fixed CVE-2019-19924 1789776 - Fixed CVE-2019-19923...
Oracle Linux 8 : sqlite (ELSA-2020-0273)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0273 advisory. 3.26.0-4 - Fixed CVE-2019-13734 1786508 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
Critical Photon OS Security Update - PHSA-2023-5.0-0089
Updates of 'libssh', 'openvswitch', 'sqlite' packages of Photon OS have been released...
K000136109: PHP SQLite vulnerability CVE-2022-31631
Security Advisory Description: In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injectio...
GHSA-FM4Q-J8G4-C9J4 Apache Superset Improper Input Validation vulnerability
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
Apache Superset Improper Input Validation vulnerability
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
Design/Logic Flaw
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...