CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4856 matches found

CVE•added 2021/09/08 10:50 a.m.•79 views

CVE-2021-23404

CVE-2021-23404 affects all versions of sqlite-web. The vulnerability is a Cross-Site Request Forgery (CSRF) in the SQL dashboard area that can cause sensitive actions to be performed without confirming the request origin. The issue is documented across multiple sources (NVD, GHSA, OSV, Snyk) with...

8.8CVSS8.4AI score0.00141EPSS

Exploits1References2Affected Software1

ATTACKERKB•added 2021/09/08 10:48 a.m.•10 views

CVE-2021-23404

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

8.8CVSS5.7AI score0.00141EPSS

Exploits1References3

CNNVD•added 2021/09/08 12:0 a.m.•3 views

Sqlite 跨站请求伪造漏洞

Sqlite is a lightweight database that is ACID compliant relational database management system. A security vulnerability exists in sqlite sqlite-web that allows sensitive operations to be performed without verifying that the request is from the application...

8.8CVSS7.8AI score0.00141EPSS

Exploits1References3

Tenable Nessus•added 2021/09/03 12:0 a.m.•57 views

Tenable SecurityCenter < 5.19.0 Multiple Vulnerabilities (TNS-2021-14)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less than 5.19.0 and is therefore affected by multiple vulnerabilities in the following components: - Apache FOP - Underscore - Handlebars - PHP - sqlite Note that successful exploitatio...

9.8CVSS7.6AI score0.94053EPSS

Exploits84References43

Gitee•added 2021/08/31 8:37 p.m.•1 views

IMChecker

This repository is an offensive tool for API misuse detection. The tool is called IMChecker, and it is designed to automatically detect API misuse in C programs. The tool uses a constraint-directed static analysis technique powered by a domain-specific language DSL for specifying API usage...

6.9AI score

Exploits0

OpenVAS•added 2021/08/25 12:0 a.m.•21 views

SQLite 3.36.3 DoS Vulnerability

SQLite is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

7.5CVSS7.4AI score0.0172EPSS

Exploits1References2

CNVD•added 2021/08/25 12:0 a.m.•30 views

SQLite Segmentation Error Vulnerability

SQLite is a self-sufficient, serverless, zero-configuration, transactional SQL database engine. idxGetTableInfo function in SQLite version 3.36.0 is vulnerable to a segmentation error. An attacker could exploit the vulnerability via a specially crafted SQL query to cause a denial of service...

7.5CVSS5.2AI score0.0172EPSS

Exploits1References1

OSV•added 2021/08/24 2:15 p.m.•5 views

CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

7.5CVSS7.6AI score

Exploits0References11

NVD•added 2021/08/24 2:15 p.m.•13 views

CVE-2021-36690

7.5CVSS0.0172EPSS

Exploits1References11

AlpineLinux•added 2021/08/24 2:15 p.m.•27 views

CVE-2021-36690

DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentional...

7.5CVSS4.8AI score0.0172EPSS

Exploits1

OSV•added 2021/08/24 2:15 p.m.•0 views

UBUNTU-CVE-2021-36690

7.5CVSS6.8AI score0.0172EPSS

Exploits1References4

UbuntuCve•added 2021/08/24 2:15 p.m.•42 views

CVE-2021-36690

7.5CVSS6.8AI score0.0172EPSS

Exploits1References3

Prion•added 2021/08/24 2:15 p.m.•18 views

Design/Logic Flaw

5CVSS7.6AI score0.0172EPSS

Exploits1References10Affected Software6

CNNVD•added 2021/08/24 12:0 a.m.•2 views

SQLite 缓冲区错误漏洞

7.5CVSS6.7AI score0.0172EPSS

Exploits1References23

CNVD•added 2021/08/24 12:0 a.m.•24 views

flatCore Cross-Site Scripting Vulnerability (CNVD-2021-94950)

flatCore is a PHP and SQLite based Web Content Management System CMS. flatCore version 2.0.7 suffers from a cross-site scripting vulnerability. An attacker can exploit the vulnerability to conduct cross-site scripting attacks via the upload image feature...

5.4CVSS3AI score0.00567EPSS

Exploits1References1

Debian CVE•added 2021/08/24 12:0 a.m.•31 views

CVE-2021-36690

7.5CVSS6.8AI score0.0172EPSS

Exploits1

CNVD•added 2021/08/24 12:0 a.m.•114 views

flatCore remote code execution vulnerability

flatCore is a PHP and SQLite based Web Content Management System CMS. flatCore version 2.0.7 is vulnerable to remote code execution. An attacker can exploit the vulnerability to execute arbitrary php code by uploading the addon plugin...

9CVSS5.7AI score0.16897EPSS

Exploits4References1

Cvelist•added 2021/08/24 12:0 a.m.•15 views

CVE-2021-36690

8AI score0.0172EPSS

Exploits1References10

CVE•added 2021/08/24 12:0 a.m.•206 views

CVE-2021-36690

CVE-2021-36690: A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via idxGetTableInfo when given a crafted SQL query. The vendor disputes the relevance (user already has full privileges). Public details note remediation via package upgrades; Debian LTS advi...

7.5CVSS7.6AI score0.0172EPSS

Exploits1References11Affected Software1

CNNVD•added 2021/08/23 12:0 a.m.•2 views

FlatCore-CMS 代码问题漏洞

9CVSS6.6AI score0.16897EPSS

Exploits4References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by