CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2016/02/18 12:0 a.m.•27 views

FreeBSD : adminer -- remote code execution (dd563930-d59a-11e5-8fa8-14dae9d210b8)

Jakub Vrana reports : Fix remote code execution in SQLite query %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors Redistribution and use ...

8.2AI score

FreeBSD•added 2016/02/06 12:0 a.m.•19 views

adminer -- remote code execution

Jakub Vrana reports: Fix remote code execution in SQLite query...

2.8AI score

Fedora•added 2016/01/08 3:33 a.m.•12 views

[SECURITY] Fedora 22 Update: roundcubemail-1.1.4-2.fc22

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

0.2AI score

CNVD•added 2016/01/02 12:0 a.m.•2 views

SQLiteManager 'main.php' Cross-Site Scripting Vulnerability

SQLiteManager is a set of web-based SQLite database management tools that support multiple languages. SQLiteManager suffers from a cross-site scripting vulnerability that can be exploited by remote attackers to construct malicious URIs and trick users into parsing them, which can be used to obtai...

6.3AI score

Kitploit•added 2015/12/21 10:16 p.m.•22 views

YaVol - GUI for Volatility Framework and Yara

This is just another GUI for volatility and yara which could make someone's life easier. It is inteded for Incident responders for quick examination of a memory image. Results are stored in sqlite db for reuse. 1. Installation Clone repo git clone https://[email protected]/Ft44k/yavol.git...

7AI score

Metasploit•added 2015/12/21 6:16 p.m.•65 views

AD Computer, Group and Recursive User Membership to Local SQLite DB

This module will gather a list of AD groups, identify the users taking into account recursion and write this to a SQLite database for offline analysis and query using normal SQL syntax. This module requires Metasploit: https://metasploit.com/download Current source:...

7.9AI score

Kitploit•added 2015/12/18 9:28 p.m.•20 views

Ares - Python Botnet and Backdoor

Ares is made of two main programs: A Command aNd Control server, which is a Web interface to administer the agents An agent program, which is run on the compromised host, and ensures communication with the CNC The Web interface can be run on any server running Python. You need to install the...

7.6AI score

Kitploit•added 2015/12/03 9:35 p.m.•24 views

SpiderFoot v2.6.1 - Open Source Intelligence Automation

SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaisance stage of the tes...

6.7AI score

seebug.org•added 2015/11/25 12:0 a.m.•12 views

SQLite fts3_tokenizer远程代码执行漏洞

No description provided by source...

7.1AI score

NVD•added 2015/11/22 3:59 a.m.•17 views

CVE-2015-7036

The fts3tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a SQL command that triggers an API call with a crafted pointer value in the second argument...

7.5CVSS9.4AI score0.03516EPSS

Exploits0References4

UbuntuCve•added 2015/11/22 3:59 a.m.•20 views

CVE-2015-7036

7.5CVSS7.2AI score0.03516EPSS

Exploits0References4

Prion•added 2015/11/22 3:59 a.m.•23 views

Sql injection

7.5CVSS8.5AI score0.03516EPSS

Exploits0References4Affected Software2

Cvelist•added 2015/11/22 2:0 a.m.•16 views

CVE-2015-7036

6.8AI score0.03516EPSS

Exploits0References4

CVE•added 2015/11/22 2:0 a.m.•96 views

CVE-2015-7036

CVE-2015-7036: In SQLite, the fts3_tokenizer function is the root cause, with a crafted SQL command triggering an API call using a crafted pointer value, enabling remote code execution or a crash. Affected: Apple iOS before 8.4 and macOS/OS X before 10.10.4. The connected documents provide a conc...

7.5CVSS6.6AI score0.03516EPSS

Exploits0References4Affected Software1

CNVD•added 2015/11/22 12:0 a.m.•2 views

SQLite fts3_tokenizer remote code execution vulnerability

SQLite is an embedded database. SQLite suffers from a security vulnerability in the handling of the fts3tokenizer function, which can be exploited by a remote attacker to construct special structured pointers that can be used to execute arbitrary code in the context of the current process...

7.5CVSS9.6AI score0.03516EPSS

Zero Day Initiative•added 2015/11/18 12:0 a.m.•95 views

SQLite fts3_tokenizer Untrusted Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.5CVSS6.7AI score0.03516EPSS

CNVD•added 2015/11/01 12:0 a.m.•2 views

Multiple SQL Injection Vulnerabilities in Zend Framework MsSql and SQLite

Zend Framework is a set of open source PHP5 development framework , it is mainly used to develop Web programs and services . Multiple SQL injection vulnerabilities exist in Zend Framework MsSql and SQLite, allowing remote attackers to exploit the vulnerabilities to submit specially crafted SQL...

8.1AI score

RedhatCVE•added 2015/10/30 10:8 a.m.•21 views

CVE-2007-1887

Buffer overflow in the sqlitedecodebinary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqliteudfdecodebinary function with a...

7.5CVSS8.1AI score0.0441EPSS