MuM Map Edit 3.2.6.0 SQL Injection / File Manipulation / Poor Practices

Security Advisory -- Multiple Vulnerabilities - MuM Map Edit Product Vendor: Mensch und Maschine Software SE / Mensch und Maschine acadGraph GmbH Product: MapEdit Affected software version: 3.2.6.0 MuM MapEdit provides geodata to the internet and intranets and is deployed on several communal and...

Multiple Denial of Service Vulnerabilities in PHP 'ext/sqlite3/sqlite3.c'

PHP is an open source general-purpose computer scripting language. PHP 'ext/sqlite3/sqlite3.c' has multiple denial of service vulnerabilities that could be exploited by an attacker to crash an application, resulting in a denial of service...

QuickerBB 0.7.0 - Register Cross Site Scripting Vulnerability

Document Title: =============== QuickerBB 0.7.0 - Register Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1895 Release Date: ============= 2016-08-11 Vulnerability Laboratory ID VL-ID:...

EyeLock nano NXT 3.5 - Local File Disclosure

Exploit for php platform in category web applications EyeLock nano NXT 3.5 Local File Disclosure Vulnerability Vendor: EyeLock, LLC Product web page: http://www.eyelock.com Affected version: NXT Firmware: 3.05.1193 ICM: 3.5.1 NXT Firmware: 3.04.1108 ICM: 3.4.13 NXT Firmware: 3.03.944 ICM: 3.3.2 N...

EyeLock nano NXT 3.5 Local File Disclosure

i? EyeLock nano NXT 3.5 Local File Disclosure Vulnerability Vendor: EyeLock, LLC Product web page: http://www.eyelock.com Affected version: NXT Firmware: 3.05.1193 ICM: 3.5.1 NXT Firmware: 3.04.1108 ICM: 3.4.13 NXT Firmware: 3.03.944 ICM: 3.3.2 NXT Firmware: 3.01.646 ICM: 3.1.13 Platform: Hardwar...

EyeLock nano NXT 3.5 - Local File Disclosure

EyeLock nano NXT 3.5 - Local File Disclosure EyeLock nano NXT 3.5 Local File Disclosure Vulnerability Vendor: EyeLock, LLC Product web page: http://www.eyelock.com Affected version: NXT Firmware: 3.05.1193 ICM: 3.5.1 NXT Firmware: 3.04.1108 ICM: 3.4.13 NXT Firmware: 3.03.944 ICM: 3.3.2 NXT...

Fedora Update for sqlite FEDORA-2016-0138339b54

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : sqlite (2016-0138339b54)

Security fix for CVE-2016-6153 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Vulnerabilities of the Debian GNU/Linux operating system, which allow a remote attacker to compromise the confidentiality and integrity of protected information

Multiple vulnerabilities exist in the rt3.6-db-sqlite package of the Debian GNU/Linux operating system. Exploitation of these vulnerabilities may lead to breaches of confidentiality and integrity of protected information. These vulnerabilities can be exploited remotely...

CVE-2016-6153

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

SQLite Tempdir Selection

KL-001-2016-003 : SQLite Tempdir Selection Vulnerability Title: SQLite Tempdir Selection Vulnerability Advisory ID: KL-001-2016-003 Publication Date: 2016.07.01 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt 1. Vulnerability Details Affected Vendor: SQLite/Hwa...

SQLite Tempdir Selection Vulnerability

Vulnerability Details Affected Vendor: SQLite/Hwaci Affected Product: SQLite Affected Version: All versions prior to 3.13.0 Platform: UNIX, GNU/Linux CWE Classification: CWE-379: Creation of Temporary File in Directory with Incorrect Permissions Impact: Data Leakage Attack vector: Local 2...

[SECURITY] Fedora 24 Update: roundcubemail-1.2.0-1.fc24

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

План счетов Украина - External URLs, SQLite database found, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application План счетов Украина published at the 'play' market has multiple vulnerabilities...

F5 Networks BIG-IP : SQLite vulnerability (K16950)

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...

SOL37236006 - SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

[SECURITY] Fedora 23 Update: roundcubemail-1.2.0-1.fc23

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Marfil - An Extension of the Aircrack-ng Suite used to assess WiFi Network Security

Marfil is an extension of the Aircrack-ng suite, used to assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers. Motivation The Aircrack-ng suite provides the aircrack-ng tool, which is a 802.11 WEP and WPA/WPA2-PSK key crackin...

[SECURITY] Fedora 24 Update: roundcubemail-1.1.5-1.fc24

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

SQL Injection

Overview Affected versions of sequelize use MySQL's backslash-based escape syntax when connecting to SQLite, despite the fact that SQLite uses PostgreSQL's escape syntax, which can result in a SQL Injection vulnerability. Recommendation Update to version 1.7.0-alpha3 or later. References - Commit...