Security Bulletin: A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (CVE-2020-13434, CVE-2020-13435)

Summary A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender Vulnerability Details CVEID: CVE-2020-13435 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by flaw in the sqlite3ExprCodeTarget function in expr.c. By sending a specially-crafted request, a...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

DEBIAN-CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

Design/Logic Flaw

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28305

CVE-2021-28305 affects the diesel crate prior to 1.4.6 for Rust. The SQLite backend has a use-after-free due to not following sqlite3_column_name semantics. This is documented across Red Hat, OSV/GHSA entries, but the exact patch version isn’t specified here; no exploit vectors are provided. Moni...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2021-1626)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Georg Semmler diesel 资源管理错误漏洞

Georg Semmler diesel is an open source application from Georg Semmler.Diesel gets rid of database interaction samples and eliminates runtime errors without sacrificing performance. A resource management error vulnerability exists in diesel crate before 1.4.6 for Rust, which stems from the SQLite...

EulerOS Virtualization 2.9.1 : sqlite (EulerOS-SA-2021-1626)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because o...

NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2021-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has sqlite packages installed that are affected by multiple vulnerabilities: - An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after...

The vulnerability of the SELECT function in the SQLite database management system allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the SELECT function in the SQLite database management system is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially created query...

RUSTSEC-2021-0037 Fix a use-after-free bug in diesels Sqlite backend

We've misused sqlite3columnname. The SQLite documentation states that the following: The returned string pointer is valid until either the prepared statement is destroyed by sqlite3finalize or until the statement is automatically reprepared by the first call to sqlite3step for a particular run or...

Fix a use-after-free bug in diesels Sqlite backend

We've misused sqlite3columnname. The SQLite documentation states that the following: The returned string pointer is valid until either the prepared statement is destroyed by sqlite3finalize or until the statement is automatically reprepared by the first call to sqlite3step for a particular run or...

SQLite Detection (Linux/Unix SSH Login)

SSH login-based detection of SQLite. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...

Fedora: Security Advisory for roundcubemail (FEDORA-2021-aef54ec149)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: roundcubemail-1.4.11-1.fc33

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 32 Update: roundcubemail-1.4.11-1.fc32

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...