4912 matches found
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265
CVE-2023-39265 : Multiple connected documents describe a vulnerability in Apache Superset where SQLite database connections can be registered incorrectly when using alternative driver names (e.g., sqlite+pysqlite) or via database imports. This may allow arbitrary file creation on Superset webserv...
ICMPWatch - ICMP Packet Sniffer
ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP Internet Control Message Protocol packets on a network interface. It provides detailed information about the captured packets, including source and destination IP addresses, MAC addresses, ICMP type, payload data,...
Apache Superset 输入验证错误漏洞
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset version 2.1.0 and earlier, which can be exploited by an attacker to register a SQLite database connection...
The vulnerability of the ext/fts3/fts3.c component of the SQLite database management system allows a hacker to execute arbitrary code.
The vulnerability of the ext/fts3/fts3.c component of the SQLite database management system is related to integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
SQL injection in slug parameter
Description The /api/workspace/:slug endpoint exposes a critical SQL injection vulnerability in the slug parameter. This vulnerability arises due to the insecure handling of user-supplied data slug in the construction of a SQL query. An attacker can exploit this vulnerability by crafting a...
CVE-2023-39983
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application...
CVE-2023-39983 MXsecurity Register Database Pollution
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application...
CVE-2023-39983 MXsecurity Register Database Pollution
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application...
The vulnerability of the sqlite3_str_vappendf function in the printf.c file of the SQLite database management system, which allows a attacker to cause a service failure
The vulnerability of the sqlite3strvappendf function in the printf.c file of the SQLite database management system is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure...
Important Photon OS Security Update - PHSA-2023-4.0-0463
Updates of 'open-vm-tools', 'hwloc', 'sqlite' packages of Photon OS have been released...
RLSA-2023:3840 Moderate: sqlite security update
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
sqlite security update
An update is available for sqlite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SQLite is a C library that implements an SQL database engine. A large subset o...
The vulnerability in the `appendvfs.c` component of the SQLite database management system allows a hacker to cause a service failure.
The vulnerability of the appendvfs.c component in the SQLite database management system is related to reading data beyond the permissible buffer size. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
CVE-2023-39939
SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it...
CVE-2023-39543
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...
Sql injection
SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it...
Cross site scripting
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...
CVE-2023-39939
SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it...
CVE-2023-39543
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...