Astra Linux - уязвимость в nasm

In libnasm.a in Netwide Assembler NASM 2.14.xx, asm/pragma.c allows a NULL pointer dereference in processpragma, searchpragmalist, and nasmsetlimit when "%pragma limit" is mishandled...

Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2019-19646)

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integritycheck PRAGMA command in certain cases of generated columns. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

EUVD-2000-0704

Malware in sbrugna...

EUVD-2001-1244

Malware in sbrugna...

EUVD-2006-2422

Malware in sbrugna...

EUVD-2008-0166

Malware in sbrugna...

EUVD-2019-5488

Malware in sbrugna...

EUVD-2005-1971

Malware in sbrugna...

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

...

SUSE CVE-2019-14248

In libnasm.a in Netwide Assembler NASM 2.14.xx, asm/pragma.c allows a NULL pointer dereference in processpragma, searchpragmalist, and nasmsetlimit when "%pragma limit" is mishandled...

Integer overflow in AdaptativeFee

Lines of code Vulnerability details Impact You have to take into account that when using a pragma lower than 0.8.X there is no compiler protection against any overflow. The method AdaptiveFee.exp is vulnerable to an integer overflows. Proof of Concept Using the following recipe: x = uint256.Max g...

Contracts calls to main ENS services will fail. Plus, ETHRegistrarController#withdraw() with future upgrades will revert

Lines of code Vulnerability details This is a classic Code4rena issue. The transfer call has a hard coded gas budget whenever this affect another part of the EVM will be very harmful for those usage which will make the system and its users at risk. There is two parts of this issue; when the calle...

Wrong pragma

Lines of code Vulnerability details Impact Use a buggy version of solidity with immutable. Proof of Concept The contract use immutable, and this solidity version defined in the pragma has some issues with them, as you can see here. Recommended Mitigation Steps Use at least 0.8.9 --- The text was...

Zetetic Sqlcipher 资源管理错误漏洞

Zetetic Sqlcipher is a SqlLite-based database from Zetetic USA. The database provides a SqlLite-like access API while adding numerous security elements. A resource management error vulnerability exists in Zetetic SQLCipher versions 4.x through 4.4.1, which stems from sqlciphercodecpragma and...

CVE-2019-19000 eSOMS Cachecontrol (Pragma) HTTP Header

For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP headers have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information...

PT-2020-6879 · Abb · Esoms

Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 4.0 through 6.0.3 Description: The issue is related to the improper configuration of the Cache-Control and Pragma HTTP headers within the application response. This can potentially allow browsers and proxies to cache...

SQLite code issue vulnerability (CNVD-2020-09632)

SQLite is a self-contained, serverless, zero-configuration, transactional SQL database engine. A code issue vulnerability exists in the pragma.c file in SQLite 3.30.1 and earlier versions. No detailed vulnerability details are provided at this time...

AZL-38566 CVE-2019-19646 affecting package ceph for versions less than 18.2.1-1

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integritycheck PRAGMA command in certain cases of generated columns...

CVE-2019-19646

SQLite: CVE-2019-19646 affects SQLite 3.30.1 and earlier; pragma.c mishandles NOT NULL in an integrity_check PRAGMA when used with generated columns. This is a generated-column-related NOT NULL handling issue in the integrity_check PRAGMA, per the description. It is high-severity (per CVSS) and m...

CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a "severe division by zero in the query planner." Mitigation An user can mitigate the risk of this vulnerability by: 1 Avoid using...