4769 matches found
Astra Linux - ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π² sqlite3
A flaw was found in SQLite's SELECT query functionality src/select.c. This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerabilit...
websec-sql-injection
WebSec SQL Injection Π£ΡΠ΅Π±Π½ΡΠΉ backend-ΠΏΡΠΎΠ΅ΠΊΡ ΠΏΠΎ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ Π²...
Exploit for CVE-2026-42167
ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...
sqlite-mcp has an Injection issue
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
GHSA-4J28-22QP-RJCF sqlite-mcp has an Injection issue
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
SQL Injection
Overview sqlite-mcp is an A lightweight Model Context Protocol server for allowing LLMs to autonomously interact with SQLite database. Affected versions of this package are vulnerable to SQL Injection via the extracttojson function. An attacker can execute arbitrary SQL commands by manipulating t...
CVE-2026-7206
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
EUVD-2026-25963
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7206
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7206 dubydu sqlite-mcp entry.py extract_to_json sql injection
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7206 dubydu sqlite-mcp entry.py extract_to_json sql injection
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
PT-2026-35575
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extract to json of the file src/entry.py. Performing a manipulation of the argument output filename results in sql injection. Remote exploitation of the attack is possible. The exploit has...
SQLite MCP Server 注ε ₯ζΌζ΄
SQLite MCP Server is a lightweight tool developed by Doo Bui, an individual developer, that allows large models to operate SQLite databases autonomously. Versions of SQLite MCP Server 0.1.0 and earlier contained a vulnerability due to incorrect handling of the outputfilename parameter in the...
SQLi-Scanner-Lab
πΈοΈ Automated SQLi Vulnerability Scanner & Lab π Project Ov...
K000160994: SQLite vulnerability CVE-2025-70873
Security Advisory Description An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file. CVE-2025-70873 Impact There is no impact; F5 products are not affected by th...
π SQLite 3.50.1 winsqlite3.dll Heap Overflow
This Metasploit local exploit module targets a heap overflow vulnerability in winsqlite3.dll in SQLite versions prior to 3.50.2 on Windows systems. It first attempts to detect the installed SQLite version, then generates a specially crafted database and SQL workload containing an excessive number...
secureflow
AI-Powered Smart Contract Security Scanner An automated block...
CLSA-2026-1777106754 sqlite: Fix of CVE-2018-8740
CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...
sqlite: Fix of CVE-2018-8740
CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...
[SECURITY] Fedora 44 Update: roundcubemail-1.7~rc6-1.fc44
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...