4907 matches found

OSV
added 2025/07/29 1:15 p.m., 4 views

CVE-2025-7458

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVSS 9.1, AI score 8.3
Exploits 0, References 2

OSV
added 2025/07/29 1:15 p.m., 3 views

UBUNTU-CVE-2025-7458

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVSS 9.1, AI score 6.1, EPSS 0.0022
Exploits 0, References 4

Snyk
added 2025/07/29 12:43 p.m., 4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in ORDER BY clauses. An attacker can cause denial of service or access sensitive process memory via crafted SELECT statement with a large number of terms in the ORDER BY clause. Remediation Upgrade sqlite3...

CVSS 9.1, AI score 6.9, EPSS 0.0022
Exploits 0, References 2

Cvelist
added 2025/07/29 12:43 p.m., 11 views

CVE-2025-7458 SQLite integer overflow in key info allocation may lead to information disclosure.

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVSS 6.9, EPSS 0.0022
Exploits 0, References 2

CVE
added 2025/07/29 12:43 p.m., 55 views

CVE-2025-7458

CVE-2025-7458 is confirmed in connected documents with concrete details: SQLite versions 3.39.2–3.41.1 contain an integer overflow in sqlite3KeyInfoFromExprList that can enable DoS or memory disclosure via a crafted ORDER BY with many expressions. IBM’s bulletin lists IBM Watson Cartridge impact ...

CVSS 9.1, AI score 7.7, EPSS 0.0022
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2025/07/29 12:43 p.m., 2 views

CVE-2025-7458 SQLite integer overflow in key info allocation may lead to information disclosure.

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...

CVSS 6.9, AI score 7.7, EPSS 0.0022
Exploits 0, References 2

OSV
added 2025/07/29 10:7 a.m., 4 views

RHSA-2025:12010 Red Hat Security Advisory: sqlite security update

Bulletin has no description...

CVSS 7.7, AI score 7.4, EPSS 0.64893
Exploits 3, References 9

OSV
added 2025/07/29 10:7 a.m., 3 views

RHSA-2025:11992 Red Hat Security Advisory: sqlite security update

Bulletin has no description...

CVSS 7.7, AI score 7.4, EPSS 0.64893
Exploits 3, References 9

OSV
added 2025/07/29 10:7 a.m., 3 views

RHSA-2025:11933 Red Hat Security Advisory: sqlite security update

Bulletin has no description...

CVSS 7.7, AI score 7.4, EPSS 0.64893
Exploits 3, References 9

RedHat Linux
added 2025/07/29 8:0 a.m., 3 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

CVSS 9.8, AI score 7.1, EPSS 0.64893
Exploits 3, References 6

RedHat Linux
added 2025/07/29 8:0 a.m., 5 views

Important: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 9.8, AI score 6.7, EPSS 0.64893
Exploits 3, References 2

Positive Technologies
added 2025/07/29 12:0 a.m., 4 views

PT-2025-31202

Name of the Vulnerable Software and Affected Versions SQLite versions 3.39.2 through 3.41.1 Description An integer overflow in the sqlite3KeyInfoFromExprList function allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive...

CVSS 9.1, AI score 7.5, EPSS 0.0022
Exploits 0, References 18

CNNVD
added 2025/07/29 12:0 a.m., 3 views

SQLite Security Vulnerability

SQLite is a lightweight database from the SQLite open source, a relational database management system that adheres to ACID. A security vulnerability exists in SQLite versions 3.39.2 through 3.41.1, which stems from an integer overflow that could result in a denial of service or disclosure of...

CVSS 9.1, AI score 6.5, EPSS 0.0022
Exploits 0, References 3

Tenable Nessus
added 2025/07/29 12:0 a.m., 7 views

Oracle Linux 8 : sqlite (ELSA-2025-12010)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12010 advisory. 3.26.0-20 - Fixes CVE-2025-6965 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...

CVSS 9.8, AI score 7.1, EPSS 0.64893
Exploits 3, References 2

Tenable Nessus
added 2025/07/29 12:0 a.m., 3 views

Oracle Linux 9 : sqlite (ELSA-2025-11992)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11992 advisory. 3.34.1-8 - Fixes CVE-2025-6965 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

CVSS 9.8, AI score 7.1, EPSS 0.64893
Exploits 3, References 2

FreeBSD
added 2025/07/29 12:0 a.m., 4 views

SQLite -- integer overflow in key info allocation

[email protected] reports: An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory v...

CVSS 9.1, AI score 8.2, EPSS 0.0022
Exploits 0, References 1

Tenable Nessus
added 2025/07/29 12:0 a.m., 12 views

RHEL 8 : sqlite (RHSA-2025:12010)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12010 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

CVSS 9.8, AI score 7.2, EPSS 0.64893
Exploits 3, References 4

Tenable Nessus
added 2025/07/29 12:0 a.m., 3 views

RHEL 9 : sqlite (RHSA-2025:12036)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12036 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

CVSS 9.8, AI score 7.2, EPSS 0.64893
Exploits 3, References 4

Tenable Nessus
added 2025/07/29 12:0 a.m., 9 views

RHEL 9 : sqlite (RHSA-2025:11992)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11992 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

CVSS 9.8, AI score 7.2, EPSS 0.64893
Exploits 3, References 4

RedHat Linux
added 2025/07/28 10:12 p.m., 11 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

CVSS 9.8, AI score 7.1, EPSS 0.64893
Exploits 3, References 6