CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

650 matches found

OpenVAS•added 2022/01/28 12:0 a.m.•26 views

Mageia: Security Advisory (MGASA-2019-0240)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.31274EPSS

Exploits0References4

OpenVAS•added 2022/01/28 12:0 a.m.•21 views

Mageia: Security Advisory (MGASA-2021-0458)

8.8CVSS9.1AI score0.00765EPSS

Exploits0References4

OpenVAS•added 2022/01/28 12:0 a.m.•24 views

Mageia: Security Advisory (MGASA-2016-0255)

5.9CVSS7AI score0.00092EPSS

Exploits0References4

OpenVAS•added 2022/01/28 12:0 a.m.•25 views

Mageia: Security Advisory (MGASA-2017-0238)

9.8CVSS9.4AI score0.13108EPSS

Exploits0References5

OpenVAS•added 2022/01/28 12:0 a.m.•30 views

Mageia: Security Advisory (MGASA-2020-0070)

8.8CVSS8AI score0.08438EPSS

Exploits0References10

OpenVAS•added 2022/01/28 12:0 a.m.•29 views

Mageia: Security Advisory (MGASA-2013-0320)

10CVSS7.1AI score0.06864EPSS

Exploits0References12

OpenVAS•added 2022/01/28 12:0 a.m.•26 views

Mageia: Security Advisory (MGASA-2021-0303)

7.5CVSS7.4AI score0.05017EPSS

Exploits5References14

OpenVAS•added 2022/01/28 12:0 a.m.•28 views

Mageia: Security Advisory (MGASA-2015-0234)

7.5CVSS8.4AI score0.0794EPSS

Exploits0References17

OpenVAS•added 2022/01/28 12:0 a.m.•21 views

Mageia: Security Advisory (MGASA-2014-0421)

7.5CVSS9.8AI score0.04667EPSS

Exploits1References14

OpenVAS•added 2022/01/28 12:0 a.m.•12 views

Mageia: Security Advisory (MGASA-2018-0489)

8.1CVSS8.3AI score0.13522EPSS

Exploits1References5

OpenVAS•added 2022/01/28 12:0 a.m.•15 views

Mageia: Security Advisory (MGASA-2018-0181)

7.5CVSS7.8AI score0.1384EPSS

Exploits0References4

Huntr•added 2021/11/02 2:6 a.m.•38 views

OS Command Injection in ohmyzsh/ohmyzsh

Description In Oh My Zsh, there is a function called omzurldecode, which is used to decode URLs. Since this function is using eval with user inputs without any sanitization, it's possible to inject arbitrary commands into the eval context, which allows an attacker to achieve the command injection...

5.1CVSS0.4AI score0.00203EPSS

Exploits0

OpenVAS•added 2021/09/24 12:0 a.m.•37 views

SUSE: Security Advisory (SUSE-SU-2021:3215-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.31274EPSS

Exploits4References24

NCSC•added 2021/09/24 12:0 a.m.•1 views

Vulnerabilities fixed in sqlite3

Vulnerabilities have been fixed in sqlite. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data -= SUSE =- SUSE has made updates available to address the...

9.8CVSS9AI score0.31274EPSS

Exploits4

OSV•added 2021/09/23 2:26 p.m.•18 views

SUSE-SU-2021:3215-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: sqlite3 is sync version 3.36.0 from Factory jscSLE-16032. The following CVEs have been fixed in upstream releases up to this point, but were not mentioned in the change log so far: bsc1173641, CVE-2020-15358: heap-based buffer overflow in...

9.8CVSS7.5AI score0.31274EPSS

Exploits4References50

Veracode•added 2021/08/26 6:11 a.m.•29 views

Denial Of Service

sqlite3 is vulnerable to denial of service. The vulnerability exists due to a segmentation fault via the idxGetTableInfo function...

7.5CVSS3.5AI score0.0172EPSS

Exploits1References12Affected Software1

OSV•added 2021/08/24 2:15 p.m.•1 views

AZL-8484 CVE-2021-36690 affecting package sqlite for versions less than 3.36.0-3

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

7.5CVSS6.8AI score0.0172EPSS

Exploits1References1

OSV•added 2021/08/24 2:15 p.m.•1 views

DEBIAN-CVE-2021-36690

7.5CVSS7.6AI score0.0172EPSS

Exploits1References1

CVE•added 2021/08/24 12:0 a.m.•191 views

CVE-2021-36690

CVE-2021-36690: A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via idxGetTableInfo when given a crafted SQL query. The vendor disputes the relevance (user already has full privileges). Public details note remediation via package upgrades; Debian LTS advi...

7.5CVSS7.6AI score0.0172EPSS

Exploits1References11Affected Software1

UbuntuCve•added 2021/08/17 7:15 p.m.•38 views

CVE-2021-0646

In sqlite3strvappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...

7.8CVSS7.3AI score0.00031EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by