4912 matches found

Positive Technologies
added 2022/08/21 12:0 a.m. · 3 views

PT-2022-37207 · Sqlite3 · Sqlite3

Name of the Vulnerable Software and Affected Versions: sqlite3 (affected versions not specified). Description: The issue is related to a heap-buffer-overflow read. Technical details about the crash include the sqlite3VdbeExec and sqlite3 step functions, as well as the osquery::readRows function...

6.8 AI score
Exploits 0 · References 2

IBM Security Bulletins
added 2022/08/19 8:3 a.m. · 34 views

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring RRT Agent (CVE-2021-45346)

Summary: A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

4.3 CVSS · 4.6 AI score · 0.01614 EPSS
Exploits 1 · Affected Software 1

Packet Storm
added 2022/08/19 12:0 a.m. · 368 views

FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS

FLIR AX8 vulnerabilities. Product description: The FLIR AX8 is a thermal sensor with imaging capabilities, combining thermal and visual cameras that provides continuous temperature monitoring and alarming for critical electrical and mechanical equipment. Affected products: All FLIR AX8 thermal...

9.8 CVSS · 0.6 AI score · 0.99618 EPSS
Exploits 13

NVD
added 2022/08/18 6:15 p.m. · 19 views

CVE-2022-37062

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...

7.5 CVSS · 0.02624 EPSS
Exploits 3 · References 3

Prion
added 2022/08/18 6:15 p.m. · 26 views

Design/Logic Flaw

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...

5 CVSS · 8 AI score · 0.02624 EPSS
Exploits 3 · References 3 · Affected Software 1

Cvelist
added 2022/08/18 5:5 p.m. · 29 views

CVE-2022-37062

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...

8.2 AI score · 0.02624 EPSS
Exploits 3 · References 3

CVE
added 2022/08/18 5:5 p.m. · 180 views

CVE-2022-37062

The CVE-2022-37062 issue affects Teledyne FLIR AX8 thermal sensor cameras version up to and including 1.46.16, due to an insecure design from improper directory access restriction that allows an unauthenticated remote attacker to request a URI containing the path to the SQLite users database and ...

7.5 CVSS · 7.3 AI score · 0.02624 EPSS
In wild · Exploits 3 · References 3 · Affected Software 1

Pen Test Partners Blog
added 2022/08/13 3:24 a.m. · 22 views

Database Integrity Vulnerabilities in Boeing’s Onboard Performance Tool

This post is released in a co-ordinated manner with Boeing. TL;DR: Security gaps in older, unprotected Windows desktop versions of Boeing’s Onboard Performance Tool (OPT) could make certain Electronic Flight Bags (EFB) more susceptible to attack. In particular, OPT’s use of plain text configuration...

7.2 AI score
Exploits 0

vulnersOsv
added 2022/08/11 6:10 p.m. · 2 views

sqlite (>=0.19.7 <=0.21.1), sqlite3-sys (>=0.6.7 <=0.9.2) +3 more potentially affected by unknown CVE via temporary (=0.5.1)

temporary CARGO version =0.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on temporary and may be impacted: - sqlite =0.19.7, =0.6.7, =0.11.0, =0.2.6, =0.2.7 Source cves: unknown CVE Source advisory: OSV:GHSA-2JQ9-6XX7-3H29...

5.8 AI score
Exploits 0

OpenVAS
added 2022/08/05 12:0 a.m. · 25 views

SQLite 1.0.12 < 3.39.2 Improper Input Validation Vulnerability

SQLite is prone to an improper input validation vulnerability. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software...

7.5 CVSS · 8.8 AI score · 0.11431 EPSS
Exploits 2 · References 2

OSV
added 2022/08/04 12:0 a.m. · 33 views

GHSA-JW36-HF63-69R9 `libsqlite3-sys` via C SQLite improperly validates array index

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 7 AI score · 0.11431 EPSS
Exploits 2 · References 9

Github Security Blog
added 2022/08/04 12:0 a.m. · 30 views

`libsqlite3-sys` via C SQLite improperly validates array index

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 7.7 AI score · 0.11431 EPSS
Exploits 2 · References 9 · Affected Software 1

RustSec
added 2022/08/03 12:0 p.m. · 33 views

`libsqlite3-sys` via C SQLite CVE-2022-35737

It was sometimes possible for SQLite versions >= 1.0.12, < 3.39.2 to allow an array-bounds overflow when large strings were input into SQLite's printf function. As libsqlite3-sys bundles SQLite, it is susceptible to the vulnerability. libsqlite3-sys was updated to bundle the patched version of SQLite...

7.5 CVSS · 4.4 AI score · 0.11431 EPSS
Exploits 2 · Affected Software 1

OSV
added 2022/08/03 12:0 p.m. · 25 views

RUSTSEC-2022-0090 `libsqlite3-sys` via C SQLite CVE-2022-35737

It was sometimes possible for SQLite versions >= 1.0.12, < 3.39.2 to allow an array-bounds overflow when large strings were input into SQLite's printf function. As libsqlite3-sys bundles SQLite, it is susceptible to the vulnerability. libsqlite3-sys was updated to bundle the patched version of SQLite...

7.5 CVSS · 7.1 AI score · 0.11431 EPSS
Exploits 2 · References 3

NVD
added 2022/08/03 6:15 a.m. · 23 views

CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 0.11431 EPSS
Exploits 2 · References 6

OSV
added 2022/08/03 6:15 a.m. · 50 views

CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 3.2 AI score
Exploits 0 · References 6

OSV
added 2022/08/03 6:15 a.m. · 6 views

AZL-10467 CVE-2022-35737 affecting package sqlite for versions less than 3.39.2-1

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 7 AI score · 0.11431 EPSS
Exploits 2 · References 1

OSV
added 2022/08/03 6:15 a.m. · 2 views

DEBIAN-CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 7.5 AI score · 0.11431 EPSS
Exploits 2 · References 1

OSV
added 2022/08/03 6:15 a.m. · 3 views

ALPINE-CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

7.5 CVSS · 7.2 AI score · 0.11431 EPSS
Exploits 2 · References 1

Prion
added 2022/08/03 6:15 a.m. · 34 views

Design/Logic Flaw

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

5 CVSS · 8.3 AI score · 0.11431 EPSS
Exploits 2 · References 6 · Affected Software 1