Important: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

Important: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RLSA-2025:12010 Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

ALSA-2025:11933 Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

ALSA-2025:11992 Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

ALSA-2025:12010 Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

CVE-2025-53889

Summary: CVE-2025-53889 affects Directus up to 11.9.0 where manual trigger Flows do not validate whether the triggering user has read permissions for payload items, potentially allowing unauthorized actions. The issue is fixed in 11.9.0; a workaround is to add permission checks for read access to...

PT-2025-29526 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions 9.0.0 through 11.8.9 Description: Directus is a real-time API and App dashboard for managing SQL database content. When using Directus Flows to handle CRUD events for users, the "Log to Console" operation with a template...

PT-2025-29528 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions 9.0.0 through 11.8.99 Description: Directus is a real-time API and App dashboard for managing SQL database content. The exact Directus version number is exposed by the /server/specs/oas endpoint without authentication in...

CVE-2025-34084

The CVE CVE-2025-34084 affects the WordPress Total Upkeep (BoldGrid Backup) plugin. Affected versions are up to and including 1.14.9 (and prior to 1.14.10 per RH) and expose sensitive backup information via env-info.php and restore-info.json without authentication. Attackers can locate backup fil...

tidos-framework

The TIDoS Framework is an open-source, Python-based web application penetration testing framework. It is designed to cover various phases of a penetration test, including reconnaissance, scanning and enumeration, vulnerability analysis, and exploitation. The framework is built on top of the SQLit...

[SECURITY] [DLA 4208-1] mariadb-10.5 security update

From: Otto Kekäläinen [email protected] To: [email protected] Subject: SECURITY DLA 4208-1 mariadb-10.5 security update - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4208-1 [email protected]...

CVE-2025-24353

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use a higher-privileged role to see fields that otherwise the user should not be able to see. Instanc...

CVE-2024-27296

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...

CVE-2024-46990

Directus is a real-time API and App dashboard for managing SQL database content. When relying on blocking access to localhost using the default 0.0.0.0 filter a user may bypass this block by using other registered loopback devices like 127.0.0.2 - 127.127.127.127. This issue has been addressed in...

CVE-2024-52870

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...

CVE-2021-44219

Gin-Vue-Admin before 2.4.6 mishandles a SQL database...