SQLancer - Detecting Logic Bugs In DBMS

SQLancer Synthesized Query Lancer is a tool to automatically test Database Management Systems DBMS in order to find logic bugs in their implementation. We refer to logic bugs as those bugs that cause the DBMS to fetch an incorrect result set e.g., by omitting a record. SQLancer operates in the...

CVE-2021-0646

CVE-2021-0646 affects Android via an out-of-bounds write in sqlite3_str_vappendf (sqlite3.c) caused by improper input validation. This could enable local privilege escalation if an attacker can inject a printf into a privileged process' SQL; exploitation does not require user interaction. Android...

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

Summary IBM Data Risk Manager has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2020-13871 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free in resetAccumulator in select.c. By sending a specially crafted request, a remote attacker...

Vxscan

This is a Python script named Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...

Hotel Druid SQL Injection Vulnerability

Hotel Druid is an open source application for hotel management developed by DigitalDruid.Net. A security vulnerability exists in Hotel Druid version 3.0.2, which stems from the fact that malicious attackers can exploit the vulnerability to issue SQL commands to SQLite databases via the vulnerable...

DEBIAN-CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30569

CVE-2021-30569 is a use-after-free in the sqlite component of the Chromium browser engine (Chrome) before version 92.0.4515.107. The vulnerability could allow a remote attacker to cause heap corruption via a crafted HTML page, potentially enabling arbitrary code execution. The connected data from...

CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2021-37832

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter...

CVE-2021-37832

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter...

CVE-2021-37832

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter...

UBUNTU-CVE-2021-37832

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter...

Sql injection

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter...