CVE-2018-16168
published 2019-01-09CVE-2018-16168: LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
PriorityP349critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.40%
82.0th percentile
LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ghost | sqlite3 | >= 0 < 3.11.0-1ubuntu1.3 | 3.11.0-1ubuntu1.3 |
| ghost | sqlite3 | >= 0 < 3.22.0-1ubuntu0.2 | 3.22.0-1ubuntu0.2 |
| jpcert | logontracer | <= 1.2.0 | — |
| jpcert_coordination_center | logontracer | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m6hc-3x52-jgf5: LogonTracer 1
ghsa_unreviewed·2022-05-14
CVE-2018-16168 [CRITICAL] CWE-94 GHSA-m6hc-3x52-jgf5: LogonTracer 1
LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
OSV
sqlite3 vulnerabilities
osv·2019-12-02·CVSS 7.5
CVE-2018-8740 sqlite3 vulnerabilities
sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled certain schemas.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain schemas.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.04.
(CVE-2019-16168)
It was discovered that SQLite incorrectly handled certain schemas.
An attacker could possibly use this issue to mishandles some expressions.
This issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19242)
It was discovered that SQLite incorrectly handled certain queries.
An attacker could possibly use this issue to execute arbitr
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-01-09
Published