Download
| Alert*
oval:org.secpod.oval:def:50303
The host is missing a security update according to Apple advisory, APPLE-SA-2019-1-22-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause memory ... oval:org.secpod.oval:def:50316 The host is missing a security update according to Apple advisory, APPLE-SA-2019-1-22-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted web content. Successful exploitation could allow attackers to perform arbi ... oval:org.secpod.oval:def:89003115 This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 . - CVE-2018-20506: Fixed an integer overflow when FTS3 extension is enabled . oval:org.secpod.oval:def:89003370 This update for sqlite3 fixes the following issue: Security issue fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 . oval:org.secpod.oval:def:1801271 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements , aka Magellan. oval:org.secpod.oval:def:1801272 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements , aka Magellan. oval:org.secpod.oval:def:1801273 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements , aka Magellan. oval:org.secpod.oval:def:603586 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-17480 Guang Gong discovered an out-of-bounds write issue in the v8 javascript library. CVE-2018-17481 Several use-after-free issues were discovered in the pdfium library. CVE-2018-18335 A buffer overflow issue was dis ... oval:org.secpod.oval:def:1902122 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements , aka Magellan. oval:org.secpod.oval:def:50304 The host is installed with Apple iCloud before 7.10 or Apple itunes before 12.9.3 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted SQL query. Successful exploitation could allow attackers to perfo ... oval:org.secpod.oval:def:2001514 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements , aka Magellan. oval:org.secpod.oval:def:50332 The host is missing a security update according to Apple advisory, APPLE-SA-2019-1-22-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fail to properly handle validation or memory corruption issues. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:50299 The host is installed with Apple Mac OS X 10.14.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker to execute arbitrary code through a maliciously ... oval:org.secpod.oval:def:55642 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. oval:org.secpod.oval:def:55538 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. oval:org.secpod.oval:def:55539 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. oval:org.secpod.oval:def:89045682 This update for sqlite3 fixes the following issues: sqlite3 is sync version 3.36.0 from Factory . The following CVEs have been fixed in upstream releases up to this point, but were not mentioned in the change log so far: * bsc#1173641, CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy ... oval:org.secpod.oval:def:116955 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ... oval:org.secpod.oval:def:55643 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. |