Security Bulletin: Using Components with Known Vulnerabilities affects IBM Security Guardium (multiple CVEs)

Summary IBM Security Guardium is vulnerable to several possible remote attacks Vulnerability Details CVEID: CVE-2015-4881 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the CORBA component has complete confidentiality impact, complete integrity impact, and complete...

Security Bulletin: A vulnerability in SQLite affects IBM Security Access Manager for Mobile (CVE-2015-3416)

Summary There is a denial of service vulnerability in SQLite, which affects IBM Security Access Manager for Mobile. Vulnerability Details CVEID: CVE-2015-3416 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the failure to properly handle precision and width values during...

Security Bulletin: A vulnerability in SQLite affects IBM Security Access Manager for Web (CVE-2015-3416)

Summary There is a denial of service vulnerability in SQLite, which affects IBM Security Access Manager for Web. Vulnerability Details CVEID: CVE-2015-3416 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the failure to properly handle precision and width values during...

Security Bulletin: A vulnerability in SQLite affects IBM Security Network Protection (CVE-2015-3416)

Summary A security vulnerability has been discovered in SQLite used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-3416 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the failure to properly handle precision and width values during floating-point...

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Fedora Update for sqlite FEDORA-2018-8d8f0e1643

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : sqlite (2018-8d8f0e1643)

Security fix for CVE-2017-13685 CVE-2017-15286 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Malicious Module

node-sqlite was a malicious module as it is developed to hijack environment variables and send it to attacker's controlled location...

CVE-2017-16048

node-sqlite was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

Code injection

node-sqlite was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16050

The CVE-2017-16050 entry concerns the sqlite.js npm package, a malware payload published to hijack environment variables. Multiple connected records confirm that sqlite.js steals environment variables and exfiltrates them to attacker-controlled locations, and that all versions were unpublished fr...

CVE-2017-16048

The CVE-2017-16048 entry covers the node-sqlite package, identified as malware that hijacks environment variables. Connected advisories confirm that the malware steals environment variables and exfiltrates to attacker-controlled locations; all versions were unpublished from npm. Practical impact ...

CVE-2017-16048

node-sqlite was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

ReverseAPK - Quickly Analyze And Reverse Engineer Android Packages

Quickly analyze and reverse engineer Android applications. FEATURES: Displays all extracted files for easy reference Automatically decompile APK files to Java and Smali format Analyze AndroidManifest.xml for common vulnerabilities and behavior Static source code analysis for common vulnerabilitie...

CVE-2016-10554

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...

CVE-2016-10554

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...

CVE-2016-10553

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...

CVE-2016-10553

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...

Sql injection

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...

Code injection

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...