Information Disclosure

SQLite is vulnerable to information disclosure. An attacker could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c leading to a disclosure of sensitive information...

Arbitrary Code Execution

SQLite is vulnerable to arbitrary code execution. A remote attacker is able to execute arbitrary code via a buffer overflow when the FTS3 extension is enabled...

About the security content of iCloud for Windows 11.5

About the security content of iCloud for Windows 11.5 This document describes the security content of iCloud for Windows 11.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

KLA12017 Mulitple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in...

CVE-2020-25738

CyberArk Endpoint Privilege Manager EPM 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database...

Design/Logic Flaw

CyberArk Endpoint Privilege Manager EPM 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database...

CVE-2020-25738

CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 is affected. The issue involves injecting a DLL into a process that normally has credential access (e.g., Chrome) to bypass a Credential Theft protection mechanism, enabling access to credentials read from a SQLite database. The impact is crede...

CVE-2020-25738

CyberArk Endpoint Privilege Manager EPM 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database...

Zetetic Sqlcipher 资源管理错误漏洞

Zetetic Sqlcipher is a SqlLite-based database from Zetetic USA. The database provides a SqlLite-like access API while adding numerous security elements. A resource management error vulnerability exists in Zetetic SQLCipher versions 4.x through 4.4.1, which stems from sqlciphercodecpragma and...

CVE-2020-27557

Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials...

CVE-2020-27557

Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials...

Design/Logic Flaw

Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials...

CVE-2020-27557

Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials...

CVE-2020-27557

CVE-2020-27557 describes an Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921. The issue allows local users to access the video streaming username and password via SQLite files containing plain text credentials. Affected software/hardware: BASETech G...

About the security content of iTunes 12.10.9 for Windows - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

KLA12006 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An input validation vulnerability in WebKit can be...

Oracle Linux 8 : sqlite (ELSA-2020-4442)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4442 advisory. - Fixed bug in CVE-2019-20218 1791592 - Fixed CVE-2020-13632 1845572 - Fixed CVE-2020-13631 1845474 - Fixed CVE-2020-13630 1845153 - Fixed CVE-2019-501...

sqlite security update

3.26.0-11 - Fixed bug in CVE-2019-20218 1791592 3.26.0-10 - Fixed CVE-2020-13632 1845572 - Fixed CVE-2020-13631 1845474 - Fixed CVE-2020-13630 1845153 3.26.0-9 - Fixed CVE-2019-5018 1721509 3.26.0-8 - Fixed CVE-2019-16168 1826897 3.26.0-7 - Fixed CVE-2019-20218 1791592 - Fixed CVE-2020-6405 18048...

Hetty - An HTTP Toolkit For Security Research

Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community. Features Man-in-the-middle MITM HTTP/1.1 proxy with logs Project based...

EulerOS Virtualization 3.0.6.6 : sqlite (EulerOS-SA-2020-2453)

According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.CVE-2020-13435 - SQLite through 3.32.0 has an...