SQLite: Multiple vulnerabilities

Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

The use of SQLite database files to achieve arbitrary code execution-vulnerability warning-the black bar safety net

! Foreword Recently, we have the Belkin WeMo smart home devices security is analyzed. In the course of the study, we developed a novelSQL injectiontechnology, this technology is for SQLite database. Experiments show that we can use this SQLite injection technology in the SQLite database to achiev...

uSQLite Denial of Service Vulnerability

SQLite is a database that is an ACID-compliant relational database management system contained in a relatively small C library. A denial of service vulnerability exists in uSQLite version 1.0.0, which can be exploited by an attacker to cause a denial of service program crash...

InfraPower PPS-02-S Q213V1 Cross Site Request Forgery

InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the...

InfraPower PPS-02-S Q213V1 - Local File Disclosure Vulnerability

Exploit for php platform in category web applications InfraPower PPS-02-S Q213V1 Local File Disclosure Vulnerability Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03 Summar...

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI o...

InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference

Exploit for php platform in category web applications InfraPower PPS-02-S Q213V1 Insecure Direct Object Reference Authorization Bypass Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware:...

InfraPower PPS-02-S Q213V1 Hard-coded Credentials Remote Root Access

Summary InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the connected PDUs. Patented IP Dongle provides IP remote access to the PDUs by a true network IP address chain. Only 1xIP dongle allows access to max. 16 PDUs in daisy chain - which is ...

InfraPower PPS-02-S Q213V1 - Local File Disclosure

InfraPower PPS-02-S Q213V1 Local File Disclosure Vulnerability Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03 Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI ...

InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference

InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference InfraPower PPS-02-S Q213V1 Insecure Direct Object Reference Authorization Bypass Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3...

InfraPower PPS-02-S Q213V1 - Remote Command Execution

InfraPower PPS-02-S Q213V1 Unauthenticated Remote Root Command Execution Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03 Summary: InfraPower Manager PPS-02-S is a FREE...

InfraPower PPS-02-S Q213V1 - Local File Disclosure

InfraPower PPS-02-S Q213V1 - Local File Disclosure InfraPower PPS-02-S Q213V1 Local File Disclosure Vulnerability Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03 Summary:...

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery

InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the...

InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution Vulnerability

Exploit for php platform in category web applications InfraPower PPS-02-S Q213V1 Unauthenticated Remote Root Command Execution Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware:...

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI...

Mobile Banking - Dangerous filesystem permissions, External URLs, SQLite database found vulnerabilities

HackApp vulnerability scanner discovered that application Mobile Banking published at the 'play' market has multiple vulnerabilities...

SUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2396-1) (POODLE)

This update provides apache2-modnss 1.0.14, which brings several fixes and enhancements : - Fix OpenSSL ciphers stopped parsing at +. CVE-2016-3099 - Created valgrind suppression files to ease debugging. - Implement SSLPPTYPEFILTER to call executables to get the key password pins. - Improvements ...

SUSE-SU-2016:2396-1 Security update for apache2-mod_nss

This update provides apache2-modnss 1.0.14, which brings several fixes and enhancements: - Fix OpenSSL ciphers stopped parsing at +. CVE-2016-3099 - Created valgrind suppression files to ease debugging. - Implement SSLPPTYPEFILTER to call executables to get the key password pins. - Improvements t...

DEBIAN-CVE-2016-6153

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

CVE-2016-6153

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...