4786 matches found
OESA-2023-1622 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
Security Bulletin: There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-32697)
Summary: There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2023-32697 DESCRIPTION: SQLite JDBC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw when JDB...
Security Bulletin: There is a vulnerability in SQLite JDBC used by IBM Maximo Asset Management (CVE-2023-32697)
Summary: There is a vulnerability in SQLite JDBC used by IBM Maximo Asset Management. Vulnerability Details: CVEID: CVE-2023-32697 DESCRIPTION: SQLite JDBC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw when JDBC URL is attacker controlled. By...
Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update version 2.1.1 plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions...
Oracle Linux 8 : sqlite (ELSA-2020-1810)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1810 advisory. - Fixed CVE-2019-13752 1786529 - Fixed CVE-2019-13753 1786535 - Fixed CVE-2019-13734 1786509 - Fixed CVE-2019-19924 1789776 - Fixed CVE-2019-19923...
Critical Photon OS Security Update - PHSA-2023-5.0-0089
Updates of 'sqlite', 'openvswitch', 'libssh' packages of Photon OS have been released...
Oracle Linux 8 : sqlite (ELSA-2020-0273)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0273 advisory. 3.26.0-4 - Fixed CVE-2019-13734 1786508 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
K000136109: PHP SQLite vulnerability CVE-2022-31631
Security Advisory Description: In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injectio...
Apache Superset Improper Input Validation vulnerability
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
GHSA-FM4Q-J8G4-C9J4 Apache Superset Improper Input Validation vulnerability
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
Design/Logic Flaw
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265
CVE-2023-39265 describes that Apache Superset can register SQLite connections incorrectly when using alternative driver names such as sqlite+pysqlite or via database imports, potentially causing unexpected file creation on the webserver. If Superset uses SQLite for its metadata (not advised for p...
ICMPWatch - ICMP Packet Sniffer
ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP (Internet Control Message Protocol) packets on a network interface. It provides detailed information about the captured packets, including source and destination IP addresses, MAC addresses, ICMP type, payload data,...
Apache Superset Input Validation Error Vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset version 2.1.0 and earlier, which can be exploited by an attacker to register a SQLite database connection...
SQL injection in slug parameter
Description The /api/workspace/:slug endpoint exposes a critical SQL injection vulnerability in the slug parameter. This vulnerability arises due to the insecure handling of user-supplied data slug in the construction of a SQL query. An attacker can exploit this vulnerability by crafting a...
CVE-2023-39983
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application...