K000130512: SQLite vulnerability CVE-2022-35737

Security Advisory Description SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Impact An authenticated remote attacker can exploit this vulnerability by sending a specially crafted...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2022-2946)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2022-2920)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the lkdtm_ARRAY_BOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel allows a attacker to cause a system failure or gain increased privileges.

The vulnerability of the lkdtmARRAYBOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.

...

UBUNTU-CVE-2022-3104

An issue was discovered in the Linux kernel through 5.16-rc6. lkdtmARRAYBOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc and will cause the null pointer dereference...

PT-2024-11844

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns an array index out of bounds error in the DCN32 DML of the Linux kernel's drm/amd/display component. Specifically, the LinkCapacitySupport array is indexed with the...

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2022-2744)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in fts5UnicodeTokenize in ext/fts5/fts5tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode...

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2022-2779)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in fts5UnicodeTokenize in ext/fts5/fts5tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2022-2779)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2022-1668118023 Fix CVE(s): CVE-2022-35737

SECURITY UPDATE: array-bounds overflow if billions of bytes are used in a string argument to a C API - debian/patches/CVE-2022-35737.patch: increase the size of loop variables in the printf implementation to avoid overflow. - CVE-2022-35737...

Sudo 1.8.0 through 1.9.12 with the crypt() password backend contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries compiler and processor architecture.

...

SUSE SLES15 Security Update : sqlite3 (SUSE-SU-2022:3307-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3307-2 advisory. - DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo functi...

EulerOS 2.0 SP10 : sqlite (EulerOS-SA-2022-2700)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in fts5UnicodeTokenize in ext/fts5/fts5tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode...

EulerOS 2.0 SP10 : sqlite (EulerOS-SA-2022-2668)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in fts5UnicodeTokenize in ext/fts5/fts5tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode...

GLSA-202210-40 : SQLite: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-40 SQLite: Multiple Vulnerabilities - A flaw was found in SQLite's SELECT query functionality src/select.c. This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial...

Buffer overflow

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types...

CVE-2022-37453

CVE-2022-37453 affects Softing OPC UA C++ SDK prior to version 6.10. The issue is a buffer overflow or excessive allocation caused by unchecked bounds on arrays/matrices within structure data types. Impact is high (availability impact stated), with exploitation potential over the network in affec...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2022:3401-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3401-1 advisory. - DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo functi...

SUSE: Security Advisory (SUSE-SU-2022:3401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...