24 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-11655
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's...
CVE-2020-11655 affecting package ceph for versions less than 18.2.1-1
CVE-2020-11655 affecting package ceph for versions less than 18.2.1-1. An upgraded version of the package is available that resolves this issue...
Siemens SINEC INS
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...
Mageia: Security Advisory (MGASA-2021-0303)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
Advisory ROSA-SA-2021-1975
Software: sqlite 3.7.17 OS: Cobalt 7.9 CVE-ID: CVE-2015-3717 CVE-Crit: HIGH CVE-DESC: Multiple buffer overflows in SQLite's printf function, used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service application crash via...
Security Bulletin: IBM MaaS360 Cloud Extender has security vulnerabilities (CVE-2020-1155, CVE-2020-1156)
Summary A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender Vulnerability Details CVEID: CVE-2020-11656 DESCRIPTION: SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-free in the ALTER TABLE implementation. By sending a special...
Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-11655, CVE-2020-11656)
Summary SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled. Or the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belong...
FreeBSD-SA-20:22.sqlite
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:22.sqlite Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in sqlite3 Category: contrib Module: sqlite3 Announced: 2020-08-05 Affects:...
GLSA-202007-26 : SQLite: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202007-26 SQLite: Multiple vulnerabilities Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...
Security Bulletin: Addressing the Sqlite Vulnerability CVE-2020-11656, CVE-2020-11655
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2020-11656 DESCRIPTION: SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-fre...
FreeBSD : several security issues in sqlite3 (c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3)
sqlite3 update : Various security issues could be used by an attacker to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. - CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : SQLite vulnerabilities (USN-4394-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4394-1 advisory. It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a...
Ubuntu: Security Advisory (USN-4394-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4394-1: SQLite vulnerabilities
It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-8740 It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker cou...
several security issues in sqlite3
sqlite3 update: Various security issues could be used by an attacker to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-functi...
Security Bulletin: A security vulnerability has been identified in SQLite shipped with IBM Watson Machine Learning Community Edition (WMLCE)
Summary Multiple vulnerabilities have been found in the SQLite package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-11656 DESCRIPTION: SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-free in the ALTER...
Debian: Security Advisory (DLA-2203-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2203-1] sqlite3 security update
Package : sqlite3 Version : 3.8.7.1-1+deb8u5 CVE ID : CVE-2020-11655 It was discovered that there was a denial of service attack in the SQLite database, often embedded into other programs and servers. In the event of a semantic error in an aggregate query, SQLite did not return early from the...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1512)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...