Fedora 42 : sqlite (2025-3af464595a)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3af464595a advisory. cve fixes. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue bu...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.4)
The version of AHV installed on the remote host is prior to AHV-10.0.1.4. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.4 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the...
CVE-2025-59163
vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...
CVE-2025-59163
CVE-2025-59163 describes a DNS rebinding vulnerability in the vet MCP Server SSE Transport within the open-source vet tool (github.com/safedep/vet). The issue arises from missing validation of HTTP Host and Origin headers, enabling remote attackers to access data from the vet scan sqlite3 databas...
CVE-2025-59163 vet MCP Server SSE Transport DNS Rebinding Vulnerability
vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...
GHSA-6Q9C-M9FR-865M vet MCP Server SSE Transport DNS Rebinding Vulnerability
SafeDep vet is vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. To exploit this vulnerability, the following conditions must be met: 1. A vet scan is executed and reports are saved as a sqlite3 database 2. A vet MCP server is running on default port with SSE...
ROS-20250929-07
A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service via the malloc parameter...
ROS-20250929-06
A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service via the malloc parameter...
Session Fixation
Payload SQLite adapter is vulnerable to Session Fixation. The vulnerability is due to identifier reuse during account creation, which allows an attacker to reuse a previously saved JWT to authenticate and perform actions as another newly created user...
io.getkyo:kyo-bench_3 (=1.0.0-RC2), io.github.linyxus:papiers-core_3 (=0.2.0) +4 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-server_3 (>=1.0.0-M29 <=1.0.0-M44)
org.http4s:http4s-ember-server_3 MAVEN version =1.0.0-M29, =0.1, =0.1, =0.9.0, =0.9.4 Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019550...
ROS-20250923-05
A vulnerability in the sqlite3dbconfig function of the sqlite3.c file of the SQLite database management system is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service via the sznBig parameter...
Photon OS 4.0: Sqlite PHSA-2025-4.0-0873
An update of the sqlite package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0873. The text itself is copyright (C) VMware, Inc. ...
Photon OS 5.0: Sqlite PHSA-2025-5.0-0624
An update of the sqlite package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0624. The text itself is copyright (C) VMware, Inc. ...
Critical Photon OS Security Update - PHSA-2025-5.0-0624
Updates of 'sqlite' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2025-4.0-0873
Updates of 'sqlite' packages of Photon OS have been released...
SQLite 3.49.1 < 3.50.3 Integer Overflow (GHSA-v2c8-vqqp-hv3g)
The version of SQLite installed on the remote host is prior to 3.50.3. It is, therefore, affected by an integer overflow vulnerability as referenced in the GHSA-v2c8-vqqp-hv3g advisory. - An integer overflow exists in the FTS5 (https://sqlite.org/fts5.html) extension. It occurs when the size of an array...
macOS 26.x < 26.0 Multiple Vulnerabilities (125110)
The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.0. It is, therefore, affected by multiple vulnerabilities: - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could...
Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image
Summary: Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.302. Vulnerability Details: CVEID: CVE-2025-0913 DESCRIPTION: os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a...