[SECURITY] [DLA 3489-1] mediawiki security update

Debian LTS Advisory DLA-3489-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 10, 2023 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.31.16-1+deb10u5 CVE ID : CVE-2022-47927 A security issue was discovered in MediaWiki, a website engine for...

Mageia: Security Advisory (MGASA-2023-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2023-0214 Updated perl-DBD-SQLite packages fix security vulnerability

Possible unfixed security issues due to bundled sqlite3...

Updated perl-DBD-SQLite packages fix security vulnerability

Possible unfixed security issues due to bundled sqlite3...

PT-2023-36346 · Sqlite3 · Sqlite3

Name of the Vulnerable Software and Affected Versions: sqlite3 affected versions not specified Description: The issue is related to possible unfixed security issues due to bundled sqlite3. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to SQLite denial of service vulnerability( CVE-2022-35737)

Summary Potential SQLite denial of service vulnerability CVE-2022-35737 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-35737 DESCRIPTION: SQLite is vulnerable to a denial of...

CVE-2023-36191

A segmentation fault was discovered in SQLite. This issue exists due to a boundary error within the /sqlite3aflpp/shell.c which could allow a local user to send a specially crafted request to the database to trigger memory corruption and perform a denial of service DoS attack...

sqlite security update

3.26.0-18.0.1 - Bumped release to add correct changelog entry. Version 3.26.0-18 fixes CVE-2020-24736 3.26.0-18 - Fixed CVE-2022-24736...

Nessus Network Monitor < 6.2.2 Multiple Vulnerabilities (TNS-2023-23)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-23 advisory. Several of the third-party components were found to contain vulnerabilities, and updat...

CLSA-2023-1688070107 sqlite: Fix of CVE-2020-24736

CVE-2020-24736: internally, remove all references to a Window object that belongs to an expression in an ORDER BY clause if that expression is converted to an alias of a result-set expression...

CLSA-2023-1688069016 sqlite: Fix of CVE-2020-24736

CVE-2020-24736: internally, remove all references to a Window object that belongs to an expression in an ORDER BY clause if that expression is converted to an alias of a result-set expression...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2023:2668-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2668-1 advisory. - SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the...

Mageia: Security Advisory (MGASA-2023-0208)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 8 : sqlite (ALSA-2023:3840)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3840 advisory. - Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. CVE-2020-24736 Note...

MGASA-2023-0204 Updated mediawiki packages fix security vulnerability

Bundled PapaParse copy in VisualEditor has known ReDos CVE-2020-36649. An issue was discovered in MediaWiki before 1.35.9. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These fil...

MGASA-2023-0208 Updated sqlite packages fix security vulnerability

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

Updated mediawiki packages fix security vulnerability

Bundled PapaParse copy in VisualEditor has known ReDos CVE-2020-36649. An issue was discovered in MediaWiki before 1.35.9. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These fil...

Updated sqlite packages fix security vulnerability

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

sqlite: Crash due to misuse of window functions.

A flaw was found in SQLite. A buffer overflow vulnerability allows a local attacker to cause a denial of service via a crafted script...

Moderate: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...