Hotel Druid SQL Injection Vulnerability
Hotel Druid is an open source application for hotel management developed by DigitalDruid.Net. A security vulnerability exists in Hotel Druid version 3.0.2, which stems from the fact that malicious attackers can exploit the vulnerability to issue SQL commands to SQLite databases via the vulnerable...
The vulnerability of the SQLite component in Google Chrome web browsers allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the SQLite component in Google Chrome web browsers relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure or execute arbitrary code by opening a malicious web page...
Exploit for SQL Injection in Digitaldruid Hoteldruid
CVE-2021-37832 Hotel Druid 3.0.2 SQL Injection Vulnerability...
ASB-A-153352319
In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution. The vulnerability exists due to a Use after free in sqlite...
Chromium: CVE-2021-30569 Use after free in sqlite
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Security Bulletin: Addressing the Sqlite Vulnerability CVE-2021-20227
Summary: IBM Tivoli Composite Application Manager (ITCAM) for Transactions - Transaction Tracking has addressed the following SQLite vulnerability. Vulnerability Details: CVEID: CVE-2021-20227. DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free flaw in the SELECT quer...
Google Chrome sqlite code execution vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sqlite in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
[ASA-202107-47] chromium: multiple issues
Arch Linux Security Advisory ASA-202107-47. Severity: High. Date: 2021-07-21. CVE-ID: CVE-2021-30565 CVE-2021-30566 CVE-2021-30567 CVE-2021-30568 CVE-2021-30569 CVE-2021-30571 CVE-2021-30572 CVE-2021-30573 CVE-2021-30574 CVE-2021-30575 CVE-2021-30576...
Microsoft Edge Resource Management Error Vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sqlite in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
KLA12236 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface, obtain sensitive information, perform cross-site scripting attack. Below is a complete li...
openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1058-1 advisory. - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to...
Security update for fossil (moderate)
openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1051-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...
Security update for fossil (moderate)
openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1052-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP1 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...
openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:2320-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2320-1 advisory. - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to...
SUSE SLED15 / SLES15 Security Update : sqlite3 (SUSE-SU-2021:2320-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2320-1 advisory. - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of...
Qualys API Best Practices: Host List Detection API
Host List Detection is your subscription's list of hosts and their corresponding up-to-date detections, including: 1. Confirmed Vulnerability Detections 2. Potential Vulnerability Detections 3. Information Gathered Detections about your system. After extracting Host List Detection vulnerability data...
db-systray (>=0.1.0 <=0.1.2), dbm-systray (>=0.1.3 <=0.2.0) +6 more potentially affected by CVE-2021-23404 via sqlite-web (>=0.6.8 <=0.7.2)
sqlite-web PYPI version =0.6.8, =0.1.0, =0.1.3, =0.0.2, =0.0.2, =0.0.1, =0.2.1, =0.1.8, =0.2.6 Source cves: CVE-2021-23404 Source advisory: SNYK:PYTHON-SQLITEWEB-1316324...
Cross-site Request Forgery (CSRF)
Overview: sqlite-web is a Web-based SQLite database browser. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable a...