12 matches found
openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1058-1 advisory. - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to...
Updated Firefox, Thunderbird & sqlite3 packages fix security vulnerabilities
Updated firefox, thunderbird, and sqlite3 packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of...
Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)
Multiple vulnerabilities has been found and corrected in sqlite3 : SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have...
CVE-2015-3415
The CVE-2015-3415 entry concerns SQLite: the sqlite3VdbeExec function in vdbe.c does not correctly implement comparison operators, enabling context-dependent attackers to trigger a DoS (invalid free) or other unspecified impacts via a crafted CHECK clause (e.g., CHECK(0&O>O) in a CREATE TABLE)...
FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)
NVD reports : SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, ...
Command injection
The libxlDomainGetNumaParameters function in the libxl driver libxl/libxldriver.c in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service invalid free operation and crash or possibly execute arbitrary code via an inactive domain to t...
CVE-2013-2864
CVE-2013-2864 affects Google Chrome prior to version 27.0.1453.110, with the PDF functionality being the vector. The issue can cause a denial of service via an invalid free operation and may have unspecified other impact. The NVD assigns a CVSSv2 base score of 7.5 (HIGH) with network attack vecto...
Heap overflow
Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation...
CVE-2012-2427
Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation...
Memory corruption
The pshglyphfindstrongpoints function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via a crafted font file that...
CVE-2010-2498
The pshglyphfindstrongpoints function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via a crafted font file that...
CVE-2010-2498
The pshglyphfindstrongpoints function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via a crafted font file that...