SQLite Memory Corruption Vulnerability in Multiple Apple Products
Apple iOS and related products are made by the US company Apple. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system. SQLite is a C-based open source embedded relational database management component developed by...
SQLite memory corruption vulnerability in multiple Apple products (CNVD-2019-03293)
Apple iOS and related products are made by the US company Apple. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system. SQLite is a C-based open source embedded relational database management component developed by...
Apple iTunes < 12.9.3 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.3. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209450 advisory: - Multiple vulnerabilities exist due to input processing flaws in the WebKit component. An attacker may be able to...
What is a vulnerability and what is not?
It looks like a pretty simple question. I used it to start my MIPT lecture. But actually the answer is not so obvious. There are lots of formal definitions of a vulnerability. For example, in the NIST Glossary there are 17 different definitions. The most popular one, used in 13 documents, is:...
macOS 10.14.x < 10.14.3 Multiple Vulnerabilities
The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.3. It is, therefore, affected by multiple vulnerabilities related to the following components: - AppleKeyStore - Bluetooth - Core Media - CoreAnimation - FaceTime - IOKit - Kernel - libxpc - Natural Language...
About the security content of iTunes 12.9.3 for Windows
This document describes the security content of iTunes 12.9.3 for Windows. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patche...
KLA11408 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, and perform cross-site scripting attacks. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability i...
About the security content of iCloud for Windows 7.10
This document describes the security content of iCloud for Windows 7.10. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
About the security content of watchOS 5.1.3
This document describes the security content of watchOS 5.1.3. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
SQLite FTS Integer Overflow (CVE-2018-20346)
An integer overflow vulnerability exists in SQLite-based applications. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Debian: Security Advisory (DLA-1633-1)
The remote host is missing an update for the Debian...
CVE-2018-17197
A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika...
FreeBSD : chromium -- multiple vulnerabilities (546d4dd4-10ea-11e9-b407-080027ef1a23)
Google Chrome Releases reports: 43 security fixes in this release, including: - High CVE-2018-17480: Out of bounds write in V8 - High CVE-2018-17481: Use after free in PDFium - High CVE-2018-18335: Heap buffer overflow in Skia - High CVE-2018-18336: Use after free in PDFium - High CVE-2018-1833...
CVE-2018-20346
Multiple flaws were found in sqlite. An attacker having the ability to run arbitrary SQL commands could use this flaw to execute arbitrary code with the permission of the user running the sqlite application...
Fedora 29 : spatialite-tools / sqlite (2018-ccbe8b931c)
Security fix for fts3/4 corrupt database exploit. sqlite rebased to version 3.26.0 per: https://sqlite.org/releaselog/3260.html. spatialite-tools rebuilt for latest sqlite version. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...
Fedora 28 : sqlite (2018-5f91fbf4fd)
Security fix for fts3/4 corrupt database exploit. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 28 : sqlite (2018-bb66329dee)
Security fix for CVE-2018-8740. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
SQLite report about CVE-2019-19959
Malicious SQL statement causes a NULL pointer dereference in the Zipfile virtual table extension and denial-of-service. This is only possible when the optional Zipfile virtual table extension is deployed, which is not the case in default builds.
SQLite report about CVE-2019-19925
Malicious SQL statement causes a NULL pointer dereference in the Zipfile virtual table extension and denial-of-service. This is only possible when the optional Zipfile virtual table extension is deployed, which is not the case in default builds.
SQLite report about CVE-2019-19926
Malicious SQL statement causes an uninitialized pointer read and denial-of-service.