80 matches found
EUVD-2005-1093
Malware in sbrugna...
EUVD-2019-7778
Malware in sbrugna...
Important: sqlite
Issue Overview: SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908 Affected Packages: sqlite Issue Correction: Run dn...
CVE-2024-53636
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...
BIT-SQLITE-2022-46908
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
Path traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
CVE-2023-2273 Rapid7 Insight Agent Directory Traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2023-1588)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2023-1588)
According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions...
EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2023-1578)
According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions...
Updated sqlite3 packages fix security vulnerability
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908...
SUSE CVE-2007-2438
The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...
SUSE CVE-2019-17371
gif2png 2.5.13 has a memory leak in the writefile function...
SUSE CVE-2022-46908
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
Security Restrictions Bypass
sqlite is vulnerable to security restrictions bypass. When relying on --safe for execution of an untrusted CLI script, it does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
OESA-2023-1219 sqlite security update
SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...
SQLite through 3.40.0 when relying on --safe for execution of an untrusted CLI script does not properly implement the azProhibitedFunctions protection mechanism and instead allows UDF functions such as WRITEFILE.
...
DEBIAN-CVE-2022-46908
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
AZL-11586 CVE-2022-46908 affecting package sqlite for versions less than 3.39.2-2
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
UBUNTU-CVE-2022-46908
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...