2292 matches found
CVE-2019-19603
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash...
CVE-2019-19603
CVE-2019-19603 affects SQLite 3.30.1 (mishandling of certain SELECTs with nonexistent VIEW leading to app crash). Astra Linux bulletin confirms the same SQLite behavior. IBM CP4S advisory lists CP4S 1.7.2.0, 1.8.0.0, and 1.8.1.0 as affected, with remediation to CP4S 1.9.0.0. Action: upgrade to CP...
Concrete CMS: XSS in select attribute options
To reproduce: 1. Create a new select attribute. 2. Add a select attribute option with value alert'XSS' and hit Save. 3. Edit the newly created attribute again and see the XSS dialog. The vulnerability lies in the typeform.php file, see...
SQLite select.c file denial of service vulnerability
SQLite is an open source C-based embedded relational database management system. A security vulnerability exists in sqlite3Select in the select.c file in SQLite version 3.30.1. An attacker can exploit this vulnerability to cause the program to crash...
CVE-2019-19244
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage...
Sql injection
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage...
CVE-2019-19244
CVE-2019-19244 affects SQLite 3.30.1, where sqlite3Select in select.c can crash if a sub‑select uses both DISTINCT and window functions and there is particular ORDER BY usage. The consequence is a denial of service via crash. Connected IBM/ASTRA pages confirm the CVE and describe the same SQLite ...
CVE-2014-6310
Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function...
Buffer overflow
Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function...
CVE-2014-6310
CVE-2014-6310 describes a buffer overflow in CHICKEN (versions 4.9.0 and 4.9.0.1) that may allow remote attackers to execute arbitrary code via the 'select' function. The connected documents confirm the affected product and the vulnerable vector, but do not provide specific exploit details, PoCs,...
NetApp ONTAP Select Deploy Code Injection Vulnerability
ONTAP Select Deploy is a management utility for deploying and managing ONTAP Select clusters. A code injection vulnerability exists in ONTAP Select Deploy. An attacker could exploit the vulnerability to enable and use privileged user accounts...
NetApp ONTAP Select Deploy Elevation of Privilege Vulnerability
ONTAP Select Deploy is a management utility for deploying and managing ONTAP Select clusters. An elevation of privilege vulnerability exists in ONTAP Select Deploy. An attacker could exploit this vulnerability to achieve elevation of privilege...
CVE-2019-5509
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account...