Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-1578)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-1588)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2023-1588)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions...

EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2023-1578)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions...

Important: sqlite

Issue Overview: SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Affected Packages: sqlite Issue Correction: Run dnf update sqlite --releasever 2023.0.20230322 or dnf update --advisor...

Amazon Linux 2023 : lemon, sqlite, sqlite-analyzer (ALAS2023-2023-089)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-089 advisory. SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Tenable has extracted the preceding...

CBL Mariner 2.0 Security Update: sqlite (CVE-2022-46908)

The version of sqlite installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-46908 advisory. - SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly...

Wifi_Db - Script To Parse Aircrack-ng Captures To A SQLite Database

Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes in 22000 hashcat format, MGT identities, interesting relations between APs, clients and it's Probes, WPS information and a global view of all the APs seen. / | | || | \ \ /\ / /| || | | | / ...

node-sqlite3 安全漏洞

node-sqlite3 is an asynchronous, non-blocking SQLite3 interface library based on Node.js. A security vulnerability exists in node-sqlite3 that stems from the fact that Node.js' SQLite3 bindings are vulnerable to the execution of arbitrary JavaScript code if the binding parameters are well-designe...

sqlite vulnerable to code execution due to Object coercion

Impact Due to the underlying implementation of .ToString, it's possible to execute arbitrary JavaScript, or to achieve a denial-of-service, if a binding parameter is a crafted Object. Users of sqlite3 v5.0.0 - v5.1.4 are affected by this. Patches Fixed in v5.1.5. All users are recommended to...

GHSA-JQV5-7XPX-QJ74 sqlite vulnerable to code execution due to Object coercion

Impact Due to the underlying implementation of .ToString, it's possible to execute arbitrary JavaScript, or to achieve a denial-of-service, if a binding parameter is a crafted Object. Users of sqlite3 v5.0.0 - v5.1.4 are affected by this. Patches Fixed in v5.1.5. All users are recommended to...

CVEfixes-db

This repository is an offensive tool for collecting and processing CVE Common Vulnerabilities and Exposures data. It is a Python-based tool that collects CVE data from various sources, including the National Vulnerability Database NVD and GitHub, and stores it in a SQLite database. The tool is...

Debian: Security Advisory (DSA-3714)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

php: PDO:: quote() may return unquoted string due to an integer overflow

A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote of PDOSQLite returning an improperly quoted string. With the implementation of sqlite3snprintf, it is possible to force the function to return a single apostrophe if the function is called on user-supplie...

CVE-Vulnerability-Information-Downloader - Downloads Information From NIST (CVSS), First.Org (EPSS), And CISA (Exploited Vulnerabilities) And Combines Them Into One List

Common Vulnerability Scoring System CVSS is a free and open industry standard for assessing the severity of computer system security vulnerabilities. Exploit Prediction Scoring System EPSS estimates the likelihood that a software vulnerability will be exploited in the wild. CISA publishes a list ...

Security Bulletin: Vulnerability in sqlite affects IBM VM Recovery Manager DR GUI

Summary There is vulnerability in sqlite opensource package which affects IBM VM Recovery Manager HA and DR GUI. No impacts to VM Recovery Manager HA and DR cli. Vulnerability Details CVEID:CVE-2022-21227 DESCRIPTION: Node.js sqlite3 module is vulnerable to a denial of service, caused by improper...

Security Bulletin: Vulnerability in sqlite affects IBM VM Recovery Manager HA GUI

Summary There is vulnerability in sqlite opensource package which affects IBM VM Recovery Manager HA and DR GUI. No impacts to VM Recovery Manager HA and DR cli. Vulnerability Details CVEID:CVE-2022-21227 DESCRIPTION: Node.js sqlite3 module is vulnerable to a denial of service, caused by improper...

K96300145: C Library (SQLite & libxslt) vulnerabilities CVE-2019-16168 CVE-2019-13117 CVE-2019-13118

Security Advisory Description CVE-2019-16168 In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a "severe division by zero in the query planner." CVE-2019-13117 In numbers.c in libxslt...

K15903: Multiple PHP vulnerabilities

Security Advisory Description Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4...

K16950: SQLite vulnerability CVE-2015-3416

Security Advisory Description The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overfl...