CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4786 matches found

CNNVD•added 2024/09/25 12:0 a.m.•1 views

sqlite-vec 安全漏洞

sqlite-vec is a SQLite extension from the individual developer Alex Garcia. A security vulnerability exists in sqlite-vec version v0.1.1, which stems from the presence of a heap buffer overflow that allows an attacker to cause a denial of service DoS via a crafted file...

9.1CVSS6.6AI score0.00141EPSS

Exploits2References2

CVE•added 2024/09/25 12:0 a.m.•43 views

CVE-2024-46488

sqlite-vec v0.1.1 contains a heap-based buffer overflow in the npy_token_next function that can be triggered by processing crafted files, leading to Denial of Service (DoS). The CVE-2024-46488 entry is corroborated by Red Hat, Veracode, GitHub advisory GHSA-vrcx-gx3g-j3h8, OSV, NVD, CVE list, and...

9.1CVSS7.7AI score0.00141EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2024/09/25 12:0 a.m.•10 views

CVE-2024-46488

sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npytokennext function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted file...

7.7AI score0.00141EPSS

Exploits2References1

RubySec•added 2024/09/25 12:0 a.m.•13 views

Heap-based Buffer Overflow in sqlite-vec

sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npytokennext function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted file. Workaround for CVE in release 0.1.3...

9.1CVSS7.2AI score0.00141EPSS

Exploits2References1Affected Software1

Cvelist•added 2024/09/24 3:19 p.m.•16 views

CVE-2024-8877 SQL Injection

Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...

6.9CVSS0.83804EPSS

Exploits2References1

CVE•added 2024/09/24 3:19 p.m.•85 views

CVE-2024-8877

Riello Netman 204 contains a SQL injection in three CGI endpoints: /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi. The Nuclei template details unauthenticated SQLi that lets an attacker modify collected log data. The CVE description confirms the issue is li...

9.8CVSS9.8AI score0.83804EPSS

In wildExploits2References2Affected Software1

Vulnrichment•added 2024/09/24 3:19 p.m.•17 views

CVE-2024-8877 SQL Injection

6.9CVSS7.6AI score0.83804EPSS

Exploits2References1

Tenable Nessus•added 2024/09/24 12:0 a.m.•16 views

EulerOS 2.0 SP8 : sqlite (EulerOS-SA-2024-2490)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file...

7.3CVSS6AI score0.00133EPSS

Exploits1References2

OpenVAS•added 2024/09/23 12:0 a.m.•10 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2024-2490)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS6.1AI score0.00133EPSS

Exploits1References2

F5 Networks•added 2024/09/17 11:53 p.m.•43 views

K000141090: SQLite vulnerability CVE-2020-13630

Security Advisory Description ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. CVE-2020-13630 Impact When this vulnerability is exploited, an attacker can cause SQLite to crash, resulting in a denial-of-service DoS, or possibly execu...

7CVSS8.5AI score0.00122EPSS

Exploits0Affected Software1

F5 Networks•added 2024/09/17 11:8 p.m.•25 views

K000141088: SQLite vulnerability CVE-2017-10989

Security Advisory Description The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. CVE-2017-10989 Impact...

9.8CVSS8.1AI score0.13108EPSS

Exploits0Affected Software1