411 matches found
USN-5403-1: SQLite vulnerability
It was discovered that SQLite command-line component incorrectly handled certain queries. An attacker could possibly use this issue to cause a crash or possibly execute arbitrary code...
SQLite 安全漏洞
Sqlite is a lightweight database, a relational database management system that adheres to ACID. SQLite3 versions 3.35.1 and 3.37.0 contain a security vulnerability that can be exploited by attackers to query records and leak subsequent memory bytes beyond the record to obtain sensitive informatio...
Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-19317 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by an error in lookupName in resolve.c. By providing specially crafted input, a remote attacker could exploit this vulnerability ...
Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-1551 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. By...
CVE-2021-36690
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution. The vulnerability exists due to a Use after free in sqlite...
Security Bulletin: Addressing the Sqlite Vulnerability CVE-2021-20227
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2021-20227 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free flaw in the SELECT quer...
Microsoft Edge 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sqlite in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
Tenable Nessus Agent <= 8.2.3 Third-Party Vulnerability (TNS-2021-08)
Tenable Nessus Agent is prone to a vulnerability in a third-party component sqlite. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ALPINE-CVE-2021-20227
A flaw was found in SQLite's SELECT query functionality src/select.c. This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerabilit...
The vulnerability of the SQLite database management system, related to writing data beyond the buffer boundaries in memory, allows an attacker to gain unauthorized access to protected information.
The vulnerability of the SQLite database management system is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Ubuntu 20.10 : SQLite vulnerability (USN-4732-1)
The remote Ubuntu 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4732-1 advisory. SQLite could be made to crash or run programs if it processed a specially crafted query. Tenable has extracted the preceding description block directly from the Ubunt...
SQLite Resource Management Error Vulnerability
SQLite is a lightweight database that is an ACID compliant relational database management system. SQLite suffers from a resource management error vulnerability that stems from SQLite incorrectly handling certain subqueries. An attacker could use this vulnerability could exploit this issue to caus...
In SQLite before 3.32.3 select.c mishandles query-flattener optimization leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
...
NewStart CGSL CORE 5.05 / MAIN 5.05 : sqlite Vulnerability (NS-SA-2020-0096)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sqlite packages installed that are affected by a vulnerability: - Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Integer Overflow
SQLite is vulnerable to integer overflow. An attacker may supply a crafted changes to FTS3 shadow tables, allowing execution arbitrary code by leveraging the ability to run arbitrary SQL statements...
Information Disclosure
SQLite is vulnerable to information disclosure. An attacker could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c leading to a disclosure of sensitive information...
Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-19959 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the mishandling of certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames. By using a...
Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-19242 DESCRIPTION: An unspecified error with the mishandling of pExpr-y.pTab in the sqlite3ExprCodeTarget function in expr.c in SQLite has an unknown impact and attack vector. CVSS Base score: 7.3 CVS...
USN-4438-1 sqlite3 vulnerability
It was discovered that SQLite incorrectly handled query-flattener optimization. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...