CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4912 matches found

Gitee•added 2021/08/31 8:37 p.m.•2 views

IMChecker

This repository is an offensive tool for API misuse detection. The tool is called IMChecker, and it is designed to automatically detect API misuse in C programs. The tool uses a constraint-directed static analysis technique powered by a domain-specific language DSL for specifying API usage...

6.9AI score

Exploits0

CNVD•added 2021/08/25 12:0 a.m.•32 views

SQLite Segmentation Error Vulnerability

SQLite is a self-sufficient, serverless, zero-configuration, transactional SQL database engine. idxGetTableInfo function in SQLite version 3.36.0 is vulnerable to a segmentation error. An attacker could exploit the vulnerability via a specially crafted SQL query to cause a denial of service...

7.5CVSS5.2AI score0.03898EPSS

Exploits1References1

OpenVAS•added 2021/08/25 12:0 a.m.•22 views

SQLite 3.36.3 DoS Vulnerability

SQLite is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

7.5CVSS7.4AI score0.03898EPSS

Exploits1References2

NVD•added 2021/08/24 2:15 p.m.•16 views

CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

7.5CVSS0.03898EPSS

Exploits1References11

OSV•added 2021/08/24 2:15 p.m.•7 views

CVE-2021-36690

7.5CVSS7.6AI score

Exploits0References11

AlpineLinux•added 2021/08/24 2:15 p.m.•29 views

CVE-2021-36690

DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentional...

7.5CVSS4.8AI score0.03898EPSS

Exploits1

UbuntuCve•added 2021/08/24 2:15 p.m.•44 views

CVE-2021-36690

7.5CVSS6.8AI score0.03898EPSS

Exploits1References3

Prion•added 2021/08/24 2:15 p.m.•21 views

Design/Logic Flaw

5CVSS7.6AI score0.03898EPSS

Exploits1References10Affected Software6

OSV•added 2021/08/24 2:15 p.m.•0 views

UBUNTU-CVE-2021-36690

7.5CVSS6.8AI score0.03898EPSS

Exploits1References4

CNNVD•added 2021/08/24 12:0 a.m.•3 views

SQLite 缓冲区错误漏洞

7.5CVSS6.7AI score0.03898EPSS

Exploits1References23

CNVD•added 2021/08/24 12:0 a.m.•25 views

flatCore Cross-Site Scripting Vulnerability (CNVD-2021-94950)

flatCore is a PHP and SQLite based Web Content Management System CMS. flatCore version 2.0.7 suffers from a cross-site scripting vulnerability. An attacker can exploit the vulnerability to conduct cross-site scripting attacks via the upload image feature...

5.4CVSS3AI score0.017EPSS

Exploits1References1

Cvelist•added 2021/08/24 12:0 a.m.•22 views

CVE-2021-36690

8AI score0.03898EPSS

Exploits1References10

CVE•added 2021/08/24 12:0 a.m.•207 views

CVE-2021-36690

CVE-2021-36690: A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via idxGetTableInfo when given a crafted SQL query. The vendor disputes the relevance (user already has full privileges). Public details note remediation via package upgrades; Debian LTS advi...

7.5CVSS7.6AI score0.03898EPSS

Exploits1References11Affected Software1

CNVD•added 2021/08/24 12:0 a.m.•133 views

flatCore remote code execution vulnerability

flatCore is a PHP and SQLite based Web Content Management System CMS. flatCore version 2.0.7 is vulnerable to remote code execution. An attacker can exploit the vulnerability to execute arbitrary php code by uploading the addon plugin...

9CVSS5.7AI score0.46872EPSS

Exploits4References1

Debian CVE•added 2021/08/24 12:0 a.m.•32 views

CVE-2021-36690

7.5CVSS6.8AI score0.03898EPSS

Exploits1

CNNVD•added 2021/08/23 12:0 a.m.•3 views

FlatCore-CMS 代码问题漏洞

9CVSS6.6AI score0.46872EPSS

Exploits4References4

Kitploit•added 2021/08/22 12:30 p.m.•87 views

SQLancer - Detecting Logic Bugs In DBMS

SQLancer Synthesized Query Lancer is a tool to automatically test Database Management Systems DBMS in order to find logic bugs in their implementation. We refer to logic bugs as those bugs that cause the DBMS to fetch an incorrect result set e.g., by omitting a record. SQLancer operates in the...

7.8AI score

Exploits0References5

CVE•added 2021/08/17 6:28 p.m.•152 views

CVE-2021-0646

CVE-2021-0646 affects Android via an out-of-bounds write in sqlite3_str_vappendf (sqlite3.c) caused by improper input validation. This could enable local privilege escalation if an attacker can inject a printf into a privileged process' SQL; exploitation does not require user interaction. Android...

7.8CVSS7.8AI score0.0012EPSS

Exploits0References1Affected Software1

IBM Security Bulletins•added 2021/08/13 10:15 p.m.•389 views

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

Summary IBM Data Risk Manager has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2020-13871 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free in resetAccumulator in select.c. By sending a specially crafted request, a remote attacker...

10CVSS10.5AI score0.9927EPSS

Exploits180Affected Software1

Gitee•added 2021/08/10 10:6 a.m.•5 views

Vxscan

This is a Python script named Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...

7.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by