SUSE-SU-2025:20395-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087: Fixed Integer Overflow in SQLite concat Function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component...

SUSE-SU-2025:20323-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087, bsc1241020: Fix a bug in the concatws function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very...

SUSE CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

ALPINE-CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

UBUNTU-CVE-2017-10140

Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DBCONFIG in the current directory...

All Club CMS <= 0.0.2 - Remote DB Config Retrieve Exploit

No description provided by source. !/usr/bin/perl =about All Club CMS = 0.0.2 Remote DB Config Retrieve Exploit ------------------------------------------------------- by athos - stakerathotmaildotit download on http://sourceforge.net ------------------------------------------------------- Usage:...

Big Sister File Exchange Server 0.03 Disclosure

Application Name : Big Sister File Exchange Server 0.03 Vulnerable Type : Arbitrary Db Config Download Vulnerability Infection : SQL Info Get... Author : Septemb0x Script Down.& WebSite : http://sourceforge.net/projects/bigsifes/files/bigsifes/bigsifes-0.03.tgz EXPLOIT : http://target/path/config...

All Club CMS &lt;= 0.0.2 Remote DB Config Retrieve Exploit

No description provided by source. !/usr/bin/perl =about All Club CMS = 0.0.2 Remote DB Config Retrieve Exploit ------------------------------------------------------- by athos - stakerathotmaildotit download on http://sourceforge.net ------------------------------------------------------- Usage:...

allclubcms-dbretrieve.txt

!/usr/bin/perl =about All Club CMS 'Lynx textmode', timeout = 5, or die $!; my $send = $http-get"http://$host/$path/accms.dat"; if$send-issuccess print STDOUT $send-content; exit; else print STDERR $send-statusline; exit; if$mode = /default/i $data9 = s/\s/\0/; password $data8 = s/DBPASS/\0/;...

All Club CMS <= 0.0.2 Remote DB Config Retrieve Exploit

Exploit for unknown platform in category web applications ======================================================= All Club CMS 'Lynx textmode', timeout = 5, or die $!; my $send = $http-get"http://$host/$path/accms.dat"; if$send-issuccess print STDOUT $send-content; exit; else print STDERR...

Code injection

Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...

EUVD-2008-3749

Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...

CVE-2008-3763

Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...