CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

NVD•added 2020/12/16 2:15 a.m.•12 views

CVE-2020-26273

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite databases on disk. This does allow arbitrary...

5.2CVSS5.4AI score0.00231EPSS

Exploits1References4

CVE•added 2020/12/16 1:20 a.m.•89 views

CVE-2020-26273

Summary: CVE-2020-26273 affects osquery prior to 4.6.0. By abusing sqlite’s ATTACH verb, an administrator can read/write to arbitrary sqlite databases on disk, potentially creating new sqlite files. Existing non-sqlite files are not overwritten according to the sources. The vulnerability is mitig...

5.2CVSS5.4AI score0.00231EPSS

Exploits1References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by