CVE-2022-47927

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files inclu...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-1205)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

sqlite security update

3.26.0-17 - Fixed CVE-2022-35737...

EulerOS Virtualization 2.9.0 : sqlite (EulerOS-SA-2023-1235)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was found in fts5UnicodeTokenize in ext/fts5/fts5tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode...

SQLite < 3.32.0 Multiple Vulnerabilities

SQLite is prone to multiple vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

EulerOS Virtualization 2.9.1 : sqlite (EulerOS-SA-2023-1205)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was found in fts5UnicodeTokenize in ext/fts5/fts5tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode...

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Apache Commons is used by IBM Robotic Process Automation as part of the Watson NLP functionality CVE-2022-42889. Connect2id Nimbus JOSE+JWT is used by IBM Robotic Process Automation as part of the...

K000130512: SQLite vulnerability CVE-2022-35737

Security Advisory Description SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Impact An authenticated remote attacker can exploit this vulnerability by sending a specially crafted...

SUSE: Security Advisory (SUSE-SU-2023:0030-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Restrictions Bypass

sqlite is vulnerable to security restrictions bypass. When relying on --safe for execution of an untrusted CLI script, it does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

SUSE-SU-2023:0030-1 Security update for tcl

This update for tcl fixes the following issues: - Fixed a race condition in test socket-13.1. - Removed the SQLite extension and use the packaged sqlite3 instead bsc1195773...

UBUNTU-CVE-2022-31631

In PHP versions 8.0. before 8.0.27, 8.1. before 8.1.15, 8.2. before 8.2.2 when using PDO::quote function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities...

PT-2023-36105 · Tcl · Tcl

Name of the Vulnerable Software and Affected Versions: tcl affected versions not specified Description: The issue involves a race condition in test socket-13.1. Additionally, the SQLite extension has been removed, and the packaged sqlite3 is used instead. Recommendations: At the moment, there is ...

SQLite report about CVE-2023-7104

This is a bug in the session extension of SQLite, not in the SQLite core. This bug is only reachable by applications that recompile SQLite using the -DSQLITEENABLESESSION compile-time option and then use the Session C-language APIs to process a changeset that has been subtly corrupted by an...

SQLite report about CVE-2023-39543

This is not a bug in SQLite. This is an XSS vulnerability in a separate application LuxCal Web Calendar that links against SQLite. The bug is in the application, not in SQLite. However "SQLite" is mentioned in the description and so we list it here...

SQLite report about CVE-2023-39939

This is not a bug in SQLite. This is an SQL injection bug in an application LuxCal Web Calendar that links against SQLite. Even though this CVE is not about SQLite, "SQLite" is mentioned in the description and so we list it here...

SQLite report about CVE-2023-32697

This is a bug in the SQLite JDBC library, which is a wrapper library that provides access to SQLite from Java. SQLite JDBC is created and maintained independently from SQLite. Despite the use of "SQLite" in the name, the SQLite JDBC library is not affiliated with the SQLite project in any way. Th...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial ...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2022-2920)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2022-2946)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...