23 matches found
EUVD-2020-19726
Malware in sbrugna...
EUVD-2001-0588
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-27207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlciphercodecpragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can...
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...
Null pointer dereference
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...
Zetetic Sqlcipher 代码问题漏洞
Zetetic Sqlcipher is a SqlLite-based database from Zetetic USA. The database provides a SqlLite-like access API with numerous added security elements. A code issue vulnerability exists in Zetetic SQLCipher version 4.x prior to version 4.4.3, which stems from a null pointer dereference. An attacke...
PT-2021-19200 · Zetetic +1 · Sqlcipher +1
Name of the Vulnerable Software and Affected Versions: Zetetic SQLCipher versions 4.x before 4.4.3 Description: The issue is related to a NULL pointer dereferencing problem in the sqlcipher export function in crypto.c and the sqlite3StrICmp function in sqlite3.c. This may allow an attacker to...
Zetetic Sqlcipher Resource Management Error Vulnerability
Zetetic Sqlcipher is a SqlLite-based database from Zetetic USA. The database provides a SqlLite-like access API while adding numerous security elements. A resource management error vulnerability exists in Zetetic SQLCipher versions 4.x through 4.4.1, which stems from sqlciphercodecpragma and...
CVE-2020-27207
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlciphercodecpragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data...
CVE-2020-27207
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlciphercodecpragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data...
Sql injection
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlciphercodecpragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data...
UBUNTU-CVE-2020-27207
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlciphercodecpragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data...
CVE-2020-27207
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlciphercodecpragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data...
CVE-2020-27207
CVE-2020-27207 affects Zetetic SQLCipher 4.x prior to 4.4.1. The issue is a use-after-free in conjunction with sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c, enabling a remote denial-of-service via a crafted SQL command sequence. Affected component is the SQLCipher/SQLite codepath; impa...
Zetetic Sqlcipher 资源管理错误漏洞
Zetetic Sqlcipher is a SqlLite-based database from Zetetic USA. The database provides a SqlLite-like access API while adding numerous security elements. A resource management error vulnerability exists in Zetetic SQLCipher versions 4.x through 4.4.1, which stems from sqlciphercodecpragma and...
PT-2020-16662 · Zetetic +1 · Sqlcipher +1
Name of the Vulnerable Software and Affected Versions: Zetetic SQLCipher versions 4.x before 4.4.1 Description: The issue is related to a use-after-free error, specifically involving sqlcipher codec pragma and sqlite3Strlen30 in sqlite3.c. This can lead to a remote denial of service attack. An...