
411 matches found

SUSE CVE
added 2023/02/15 3:24 a.m. · 0 views

SUSE CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

6.3 CVSS · 7.6 AI score · 0.54845 EPSS
Exploits 2 · References 61
Tenable Nessus
added 2023/01/16 12:0 a.m. · 27 views

AlmaLinux 8 : sqlite (ALSA-2023:0110)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:0110 advisory. - SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-3573...

7.5 CVSS · 7.6 AI score · 0.54845 EPSS
Exploits 2 · References 2
OSV
added 2022/12/24 11:4 a.m. · 2 views

OESA-2022-2146 sqlite security update

Security Fixes: SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908...

7.3 CVSS · 7.1 AI score · 0.00136 EPSS
Exploits 1 · References 2
Microsoft CVE
added 2022/12/13 8:0 a.m. · 4 views

SQLite through 3.40.0 when relying on --safe for execution of an untrusted CLI script does not properly implement the azProhibitedFunctions protection mechanism and instead allows UDF functions such as WRITEFILE.

...

7.3 CVSS · 6.4 AI score · 0.00136 EPSS
Exploits 1
Snyk
added 2022/12/12 9:56 a.m. · 2 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection. When relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. Remediation: Upgrade sqlite3 ...

8.3 CVSS · 7.7 AI score · 0.00136 EPSS
Exploits 1 · References 2
OSV
added 2022/12/12 6:15 a.m. · 8 views

CVE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

7.3 CVSS · 7.2 AI score
Exploits 0 · References 5
Positive Technologies
added 2022/12/12 12:0 a.m. · 1 views

PT-2022-6939 · Sqlite +3

Name of the Vulnerable Software and Affected Versions: SQLite versions prior to 3.40.0 Description: The issue is related to errors in the implementation of the azAllowedFunctions protection mechanism in the SQLite database management system's command-line interface. This could allow an attacker t...

7.3 CVSS · 6.8 AI score · 0.00136 EPSS
Exploits 2 · References 57
CNNVD
added 2022/12/12 12:0 a.m. · 1 views

SQLite Security Vulnerability

SQLite is a lightweight database that is an ACID compliant relational database management system. A security vulnerability exists in SQLite 3.40.0 and prior versions that stems from not properly implementing the azProhibitedFunctions protection mechanism when relying on --safe to execute untruste...

7.3 CVSS · 6.5 AI score · 0.00136 EPSS
Exploits 1 · References 12
Vulnrichment
added 2022/12/12 12:0 a.m. · 2 views

CVE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

6.9 AI score · 0.00136 EPSS
Exploits 1 · References 5
Ubuntu
added 2022/11/07 5:4 p.m. · 73 views

USN-5716-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5 CVSS · 8 AI score · 0.54845 EPSS
Exploits 2
Tenable Nessus
added 2022/11/03 12:0 a.m. · 39 views

Ubuntu 16.04 ESM : SQLite vulnerability (USN-5712-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5712-1 advisory. It was discovered that SQLite did not properly handle large string inputs in certain circumstances. An attacker could possibly use this issue to cause a denial of...

7.5 CVSS · 7.9 AI score · 0.54845 EPSS
Exploits 2 · References 2
Snyk
added 2022/10/19 6:23 a.m. · 1 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the FTS3 extension, due to 32-bit signed integer overflow. In order to exploit this vulnerability, the attacker must have full SQL access and must be able to construct a corrupt database with over 2GB of FTS3...

4.1 CVSS · 7.6 AI score
Exploits 0 · References 2
OSV
added 2022/10/06 4:26 p.m. · 3 views

CLSA-2022-1665073587 Fixed CVEs in sqlite: CVE-2020-35525, CVE-2021-20223

CVE-2021-20223: prevent fts5 tokenizer unicode61 from considering '\0' to be a token character, even if other characters of class "Cc" are. - CVE-2020-35525: fix a potential null pointer dereference...

7.5 CVSS · 6.8 AI score · 0.00219 EPSS
Exploits 0 · References 1
OSV
added 2022/09/28 7:31 p.m. · 1 views

USN-5615-2 sqlite3 vulnerability

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled INTERSECT query processing. An attacker could use this issue to cause SQLite to crash...

7.5 CVSS · 7 AI score · 0.00219 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2022/09/28 12:0 a.m. · 36 views

Ubuntu 16.04 ESM : SQLite vulnerability (USN-5615-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5615-2 advisory. USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. Tenable has extracted the...

7.5 CVSS · 6.8 AI score · 0.00219 EPSS
Exploits 0 · References 2
OSV
added 2022/09/01 6:15 p.m. · 1 views

DEBIAN-CVE-2020-35527

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause...

9.8 CVSS · 7.2 AI score · 0.00253 EPSS
Exploits 0 · References 1
Positive Technologies
added 2022/08/25 12:0 a.m. · 1 views

PT-2022-9171 · Sqlite +2

Name of the Vulnerable Software and Affected Versions: Sqlite versions prior to 3.34.0 Description: An issue was found in the fts5UnicodeTokenize function in ext/fts5/fts5_tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode "control-characters" class Cc, was treating embedded...

9.8 CVSS · 7.9 AI score · 0.00253 EPSS
Exploits 0 · References 20
CNNVD
added 2022/08/25 12:0 a.m. · 1 views

Identifier Withdrawn

SQLite is a lightweight database that is an ACID-compliant relational database management system. SQLite has a security vulnerability that stems from the fts5UnicodeTokenize function of its ext/fts5/fts5_tokenize.c component that handles unicode "control-characters" class Cc of the unicode61...

6.8 AI score
Exploits 0
Positive Technologies
added 2022/08/21 12:0 a.m. · 2 views

PT-2022-37207 · Sqlite3

Name of the Vulnerable Software and Affected Versions: sqlite3 affected versions not specified Description: The issue is related to a heap-buffer-overflow read. Technical details about the crash include the sqlite3VdbeExec and sqlite3_step functions, as well as the osquery::readRows function...

6.8 AI score
Exploits 0 · References 2
IBM Security Bulletins
added 2022/08/19 8:3 a.m. · 34 views

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring RRT Agent (CVE-2021-45346)

Summary: A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

4.3 CVSS · 4.6 AI score · 0.00271 EPSS
Exploits 1 · Affected Software 1