4908 matches found
CVE-2025-3277
SQLite CVE-2025-3277: An integer overflow in concat_ws() can cause a heap buffer overflow of ~4GB by using an untruncated original size to allocate and then write, potentially enabling arbitrary code execution. This is documented across multiple advisories (Debian, AlmaLinux, Fedora, AIX RPM advi...
CVE-2025-3277
An integer overflow can be triggered in SQLite’s concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...
CVE-2025-3277
An integer overflow can be triggered in SQLite’s concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...
CVE-2025-3277
An integer overflow can be triggered in SQLite’s concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...
CVE-2025-3277
An integer overflow can be triggered in SQLite’s concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...
SQLite 输入验证错误漏洞
SQLite is a lightweight database from the SQLite open source, an ACID-compliant relational database management system. A security vulnerability exists in SQLite versions prior to 3.44.4 that stems from an integer overflow in the concatws function, which could lead to a heap buffer overflow and...
sqlite -- integer overflow
[email protected] reports: An integer overflow can be triggered in SQLites concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffe...
SQLite <= 3.49.0 DoS Vulnerability
SQLite is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sqlite:sqlite";...
BIT-SQLITE-2025-29087
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...
Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
A powerful Python script that allows you to scrape messages and media from Telegram channels using the Telethon library. Features include real-time continuous scraping, media downloading, and data export capabilities. \ / / / / | | / \ \ \ | | \ \ / \ || \ / / / / Features 🚀 Scrape messages...
SUSE CVE-2025-29087
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...
Linux Distros Unpatched Vulnerability : CVE-2025-29087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound through the SQLITEDBCONFIGLOOKASIDE interface. An attacker can disrupt service by supplying inputs with out-of-bounds arguments to sqlite3dbconfig. Remediation Upgrade sqlite3 to version 3.49.1 or higher...
ALPINE-CVE-2025-29088
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...
DEBIAN-CVE-2025-29088
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...
CVE-2025-29088
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...
CVE-2025-29088
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...
UBUNTU-CVE-2025-29088
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...
CVE-2025-29088
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...
SQLite 输入验证错误漏洞
SQLite is a lightweight database from the SQLite open source, an ACID-compliant relational database management system. A security vulnerability exists in SQLite version 3.49.0 that stems from an issue with the SQLITEDBCONFIGLOOKASIDE component that could lead to a denial of service...