4786 matches found
AZL-38458 CVE-2018-20346 affecting package ceph for versions less than 18.2.1-1
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
DEBIAN-CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
CVE-2018-20346
CVE-2018-20346 affects SQLite when the FTS3 extension is enabled. SQLite before 3.25.3 exhibits an integer overflow (and resulting buffer overflow) for FTS3 queries after crafted changes to FTS3 shadow tables, enabling remote attackers to execute arbitrary SQL statements and potentially take cont...
CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
[SECURITY] Fedora 29 Update: sqlite-3.26.0-1.fc29
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
UBUNTU-CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL...
FreeBSD : bro -- 'Magellan' remote code execution vulnerability in bundled sqlite (b80f039d-579e-4b82-95ad-b534a709f220)
Bro Network security Monitor reports : Bro 2.6.1 updates the embedded SQLite to version 3.26.0 to address the 'Magellan' remote code execution vulnerability. The stock Bro configuration/scripts don't use SQLite by default, but custom user scripts/packages may. C Tenable Network Security, Inc. The...
Magellan SQLite SQL Injection
A SQL injection vulnerability exists in SQLite-based applications. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...
Security update for Chromium (important)
This update to Chromium 71.0.3578.98 fixes the following issues: Security issues fixed boo1118529: - CVE-2018-17480: Out of bounds write in V8 - CVE-2018-17481: Use after frees in PDFium - CVE-2018-18335: Heap buffer overflow in Skia - CVE-2018-18336: Use after free in PDFium - CVE-2018-18337: Us...
Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as 'Magellan' by Tencent's Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or...
Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as 'Magellan ' by Tencent's Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or...
Google Chrome 70 - SQLite Magellan Crash (PoC)
Google Chrome 70 - SQLite Magellan Crash PoC This proof-of-concept crashes the Chrome renderer process using Tencent Blade Team's Magellan SQLite3 bug. It's based on a SQLite test case from the commit that fixed the bug. If you're using Chrome 70 or below, tap the button below to crash this page:...
Google Chrome 70 - SQLite Magellan Crash (PoC)
This proof-of-concept crashes the Chrome renderer process using Tencent Blade Team's Magellan SQLite3 bug. It's based on a SQLite test case from the commit that fixed the bug. If you're using Chrome 70 or below, tap the button below to crash this page: Crash this page Your browser's user agent is...
openSUSE Security Update : Chromium (openSUSE-2018-1521)
This update to Chromium version 71.0.3578.80 fixes security issues and bugs. Security issues fixed boo1118529 : - CVE-2018-17480: Out of bounds write in V8 - CVE-2018-17481: Use after frees in PDFium - CVE-2018-18335: Heap buffer overflow in Skia - CVE-2018-18336: Use after free in PDFium -...
SQLite and Chrome SQLite Component Remote Code Execution Vulnerability
SQLite is an open source embedded relational database management system based on C. Google Chromium is a Web browser developed by Google Google. A remote code execution vulnerability exists in the SQLite and Chrome SQLite components. An attacker can exploit the vulnerability to remotely execute...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 71 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 71.0.3578.80 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...