
4856 matches found

Apple
added 2020/09/24 12:0 a.m., 112 views

About the security content of iCloud for Windows 7.21

About the security content of iCloud for Windows 7.21 This document describes the security content of iCloud for Windows 7.21. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

7.5 CVSS, 8.2 AI score, 0.02136 EPSS
Exploits: 1, References: 1, Affected Software: 1

IBM Security Bulletins
added 2020/09/22 2:34 a.m., 48 views

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2020-15358)

Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Vulnerability Details CVEID: CVE-2020-15358 DESCRIPTION: SQLite is vulnerable to a heap-based buffe...

5.5 CVSS, 1.5 AI score, 0.00076 EPSS
Exploits: 1, Affected Software: 1

Veracode
added 2020/09/21 6:39 a.m., 23 views

Information Disclosure

chromium is vulnerable to information disclosure. Out of bounds read in SQLite in Google Chrome allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 2.1 AI score, 0.04173 EPSS
Exploits: 0, References: 14, Affected Software: 5

Veracode
added 2020/09/21 6:31 a.m., 30 views

Information Disclosure

chromium-browser is vulnerable to information disclosure. Uninitialized data in SQLite in Google Chrome allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 1.8 AI score, 0.00999 EPSS
Exploits: 0, References: 14, Affected Software: 6

Veracode
added 2020/09/21 6:25 a.m., 45 views

Arbitrary Code Execution

SQLite is vulnerable to arbitrary code execution. A stack-based buffer overflow and integer overflow in the sqlite3VXPrintf function in printf.c allows an attacker to execute arbitrary code on the host OS due to improper handling of precision and width values during floating-point conversions...

7.5 CVSS, 6.8 AI score, 0.07717 EPSS
Exploits: 0, References: 16, Affected Software: 2

Veracode
added 2020/09/21 6:25 a.m., 30 views

Integer Overflow

sqlite3 is vulnerable to integer overflow in SQLite via WebSQL in Google Chrome. It allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS, 3.4 AI score, 0.04961 EPSS
Exploits: 1, References: 12, Affected Software: 4

Veracode
added 2020/09/21 6:23 a.m., 25 views

Out Of Bound Reads

Google Chrome is vulnerable to out of bound reads. Out of bounds read in SQLite in Google Chrome allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 2.3 AI score, 0.04173 EPSS
Exploits: 0, References: 14, Affected Software: 5

Veracode
added 2020/09/21 6:23 a.m., 32 views

Authorization Bypass

Chrome is vulnerable to authorization bypass. Insufficient data validation in SQLite allows a remote attacker to bypass authorization measures via a malicious HTML page...

6.5 CVSS, 3.9 AI score, 0.00166 EPSS
Exploits: 0, References: 14, Affected Software: 6

Tenable Nessus
added 2020/09/21 12:0 a.m., 25 views

openSUSE Security Update : fossil (openSUSE-2020-1478)

This update for fossil fixes the following issues : - fossil 2.12.1 : - CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code boo1175760 - Security fix in the 'fossil git export' command. New 'safety-net' features were added to...

8.8 CVSS, 8.2 AI score, 0.06403 EPSS
Exploits: 0, References: 3

OPENSUSE Linux
added 2020/09/20 12:0 a.m., 35 views

Security update for fossil (important)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2020:1478-1 Rating: important References: 1047218 1175760 Cross-References: CVE-2020-24614 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An upda...

8.8 CVSS, 8.9 AI score, 0.06403 EPSS
Exploits: 0, References: 2

BDU FSTEC
added 2020/09/17 12:0 a.m., 2 views

The vulnerabilities of the alter.c and build.c components of the SQLite database management system allow a hacker to rename any columns in the table.

The vulnerability of the alter.c and build.c components of the SQLite database management system exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to rename any columns in the table at will...

5.5 CVSS, 0.00077 EPSS
Exploits: 0, References: 8, Affected Software: 8

BDU FSTEC
added 2020/09/17 12:0 a.m., 1 views

The vulnerability of the ext/fts3/fts3_snippet.c component of the SQLite database management system, which allows a hacker to cause a service failure.

The vulnerability of the ext/fts3/fts3_snippet.c component of the SQLite database management system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5 CVSS, 0.00047 EPSS
Exploits: 0, References: 9, Affected Software: 9

Kaspersky
added 2020/09/16 12:0 a.m., 72 views

KLA12007 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability in ImageIO can be exploited...

9.3 CVSS, 9.8 AI score, 0.01995 EPSS
Exploits: 2, References: 3

Apple
added 2020/09/16 12:0 a.m., 121 views

About the security content of iTunes 12.10.9 for Windows

About the security content of iTunes 12.10.9 for Windows This document describes the security content of iTunes 12.10.9 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

9.3 CVSS, 9.3 AI score, 0.01995 EPSS
Exploits: 2, References: 1, Affected Software: 1

Tenable Nessus
added 2020/09/08 12:0 a.m., 374 views

EulerOS Virtualization for ARM 64 3.0.2.0 : sqlite (EulerOS-SA-2020-1987)

According to the versions of the sqlite package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in SQLite when rewriting select statements for window functions. This flaw...

5.5 CVSS, 6.8 AI score, 0.00027 EPSS
Exploits: 2, References: 3

OpenVAS
added 2020/09/08 12:0 a.m., 24 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1987)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5 CVSS, 7.3 AI score, 0.00027 EPSS
Exploits: 2, References: 2

Kitploit
added 2020/09/07 2:38 a.m., 67 views

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5 AI score
Exploits: 0, References: 9

OpenVAS
added 2020/09/04 12:0 a.m., 172 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1930)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5 CVSS, 7.3 AI score, 0.00027 EPSS
Exploits: 2, References: 2

OSV
added 2020/09/03 8:25 p.m., 1 views

GHSA-FW4P-36J9-RRJ3 Denial of Service in sequelize

Versions of sequelize prior to 4.44.4 are vulnerable to Denial of Service (DoS). The SQLite dialect fails to catch a TypeError exception for the results variable. The results value may be undefined and trigger the error on a .map call. This may allow attackers to submit malicious input that forces...

5.8 AI score
Exploits: 0, References: 2

Github Security Blog
added 2020/09/03 8:25 p.m., 15 views

Denial of Service in sequelize

Versions of sequelize prior to 4.44.4 are vulnerable to Denial of Service (DoS). The SQLite dialect fails to catch a TypeError exception for the results variable. The results value may be undefined and trigger the error on a .map call. This may allow attackers to submit malicious input that forces...

3.5 AI score
Exploits: 0, References: 3, Affected Software: 1