Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sqlite vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-7769
The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter.
Schneider-electric U.motion Builder
605
VMScore
CVE-2018-7773
The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter.
Schneider-electric U.motion Builder
668
VMScore
CVE-2018-1132
A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon...
Opendaylight Sdninterfaceapp
668
VMScore
CVE-2017-2519
An issue exists in certain Apple products. iOS prior to 10.3.2 is affected. macOS prior to 10.12.5 is affected. tvOS prior to 10.2.1 is affected. watchOS prior to 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote malicious users to execute a...
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Mac Os X
Debian Debian Linux 8.0
1 Article
668
VMScore
CVE-2017-2520
An issue exists in certain Apple products. iOS prior to 10.3.2 is affected. macOS prior to 10.12.5 is affected. tvOS prior to 10.2.1 is affected. watchOS prior to 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote malicious users to execute a...
Apple Iphone Os
Apple Tvos
Apple Mac Os X
Apple Watchos
Debian Debian Linux 8.0
1 Article
187
VMScore
CVE-2020-27557
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials.
Basetech Ge-131 Bt-1837836 Firmware 20180921
NA
CVE-2023-32422
This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences.
Apple Macos
Apple Tvos
Apple Iphone Os
Apple Ipados
1 Github repository
668
VMScore
CVE-2019-10752
Sequelize, all versions prior to version 4.44.3 and 5.15.1, is vulnerable to SQL Injection due to sequelize.json() helper function not escaping values properly when formatting sub paths for JSON queries for MySQL, MariaDB and SQLite.
Sequelizejs Sequelize
169
VMScore
CVE-2020-25738
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows malicious users to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
Cyberark Endpoint Privilege Manager 11.1.0.173
NA
CVE-2023-39939
SQL injection vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute arbitrary queries against the database and obtain or alter the information in it.
Luxsoft Luxcal Web Calendar
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »