Oracle Linux 10 : sqlite (ELSA-2025-11933)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11933 advisory. - Fix CVE-2025-6965 - Fix for CVE-2025-3277 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

AlmaLinux 8 : sqlite (ALSA-2025:12010)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:12010 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : SQLite vulnerability (USN-7676-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7676-1 advisory. It was discovered that SQLite incorrectly handled certain numbers of aggregate terms. An attacker could use this issue to cause SQLite to cras...

RockyLinux 8 : nodejs:22 (RLSA-2025:4459)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4459 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the preceding...

RLSA-2025:11802 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs, nodejs-nodemon, nodejs-packaging, module.nodejs, module.nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RLSA-2025:11803 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

CVE-2025-7458

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVE-2025-7458

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVE-2025-7458

CVE-2025-7458 is confirmed in connected documents with concrete details: SQLite versions 3.39.2–3.41.1 contain an integer overflow in sqlite3KeyInfoFromExprList that can enable DoS or memory disclosure via a crafted ORDER BY with many expressions. IBM’s bulletin lists IBM Watson Cartridge impact ...

CVE-2025-7458 SQLite integer overflow in key info allocation may lead to information disclosure.

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVE-2025-7458 SQLite integer overflow in key info allocation may lead to information disclosure.

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

RHEL 9 : sqlite (RHSA-2025:11992)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11992 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

Oracle Linux 9 : sqlite (ELSA-2025-11992)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11992 advisory. 3.34.1-8 - Fixes CVE-2025-6965 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

SQLite -- integer overflow in key info allocation

[email protected] reports: An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory v...

RHEL 9 : sqlite (RHSA-2025:12036)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12036 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

RHEL 8 : sqlite (RHSA-2025:12010)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12010 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

PT-2025-31202

Name of the Vulnerable Software and Affected Versions SQLite versions 3.39.2 through 3.41.1 Description An integer overflow in the sqlite3KeyInfoFromExprList function allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive...

USN-7676-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain numbers of aggregate terms. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...