Apple iOS Webkit SQLite authorizer arbitrary SQL function call vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. An insufficient comparison vulnerability in the Apple iOS Webkit SQLite authorizer allows remote attackers to construct a malicious WEB page that can be called with arbitrary SQL functions by tricking the...

UBUNTU-CVE-2015-3659

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cau...

CVE-2015-3659

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cau...

Apple iOS 8.4 and OS X 10.10.4 fix vulnerabilities at a glance-vulnerability warning-the black bar safety net

Yesterday Apple released the latest iOS 8.4 and Mac OS X 10.10.4, the new version of the system contains a large number of security patches, fixing a remote code execution vulnerability, China certificate trust policy and other security issues. iOS 8.4 bug fixes list 1, iOS 8. 4 version of the...

Apple iOS SQLite Buffer Overflow Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Multiple buffer overflows in the printf implementation of Apple iOS SQLite allow attackers to exploit vulnerabilities to conduct denial of service attacks or execute arbitrary code...

WebKit WebSQL ALTER TABLE Authorization Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WebSQL. T...

Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.4. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - afpserver - apache - AppleFSCompression - AppleGraphicsControl - AppleThunderboltEDMService - ATS - Bluetooth -...

SQLite Default Value Authorization Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of DEFAULT...

SQLite printf Format String Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the print...

Mac OS X Multiple Vulnerabilities (Security Update 2015-005) (GHOST) (Logjam)

The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-005. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - afpserver - apache - AppleFSCompression - AppleGraphicsControl -...

Server: Local file inclusion on MS Windows Platform

Due to an improper control of the filename for a requireonce statement in the routing component a limited local file inclusion vulnerability is existent in all below mentioned ownCloud versions when running on the MS Windows Platform. Depending on the ownCloud configuration and the authentication...

PHP 5.6.x < 5.6.10 Multiple Vulnerabilities

According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...

DSA-3252-2 sqlite3 - security update

Bulletin has no description...

D-Link DSP-W110 Command Execution / SQL Injection / File Upload

D-Link DSP-W110 - multiple vulnerabilities ---- Discovered by: ---- Peter Adkins ---- Access: ---- Local network; unauthenticated access. ---- Tracking and identifiers: ---- CVE - None allocated. ---- Platforms / Firmware confirmed affected: ---- D-Link DSP-W110 Rev A - v1.05b01 ---- Notes: ----...

SQLite 'src/where.c' Memory Corruption Vulnerability

SQLite is an embedded database. SQLite has a remote memory corruption vulnerability in the 'src/where.c' implementation. An attacker can exploit this vulnerability to execute arbitrary code...

Debian Security Advisory DSA 3252-1 (sqlite3 - security update)

Michal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb3252.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3252-1 using nvtgen 1.0 Script version: 1.0...

SQLite multiple security vulnerabilities

Over 20 errors, including uninitialized memory access...

SQLite denial of service vulnerability-vulnerability warning-the black bar safety net

Affected system: SQLite SQLite 3.8.9 Description: -------------------------------------------------------------------------------- CVECAN ID: CVE-2 0 1 5-3 4 1 4 SQLite is an embedded database. SQLite 3.8.9 the previous version, there is no correct implementation of the collation sequence name is...

Fedora 20 : php-5.5.24-1.fc20 (2015-6399)

16 Apr 2015, PHP 5.5.24 Apache2handler : - Fixed bug 69218 potential remote code execution with apache 2.4 apache2handler. Gerrit Venema Core : - Fixed bug 66609 php crashes with get and ++ operator in some cases. Dmitry, Laruence - Fixed bug 67626 User exceptions not properly handled in streams...

SQLite Denial of Service Vulnerability (CNVD-2015-02750)

SQLite is an open source C-based embedded relational database management system developed by American software developer D. Richard Hipp. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in SQLite versions prior to 3.8.9, which stem...