SUSE CVE-2020-35525

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing...

SUSE CVE-2020-35527

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause...

SUSE CVE-2021-20227

A flaw was found in SQLite's SELECT query functionality src/select.c. This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerabilit...

SUSE CVE-2021-29625

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo...

SUSE CVE-2021-30569

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

SUSE CVE-2021-42523

There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'errmsg' of 'sqlite3exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it...

SUSE CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

SUSE CVE-2022-31631

In PHP versions 8.0. before 8.0.27, 8.1. before 8.1.15, 8.2. before 8.2.2 when using PDO::quote function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities...

SUSE CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

SUSE CVE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

K000132492: SQLite vulnerability CVE-2022-46908

Security Advisory Description SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908 Impact There is no impact; F5 produc...

Leaktopus - Keep Your Source Code Under Control

Keep your source code under control. Key Features Plug &Play - one line installation with Docker. Scan various sources containing a set of keywords, e.g. ORGANIZATION-NAME.com. Currently supports: GitHub Repositories Gists coming soon Paste sites e.g., PasteBin coming soon Filter results with a...

SQLite Detection (Windows)

Binary data sqlitewininstalled.nbin...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.6.1 Vulnerability Details CVEID:CVE-2022-40674 DESCRIPTION: libexpat could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the doContent function in xmlparse.c. A...

Amazon Linux 2022 : lemon, sqlite, sqlite-analyzer (ALAS2022-2023-266)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2023-266 advisory. SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Tenable has extracted the preceding...

AlmaLinux 9 : sqlite (ALSA-2023:0339)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:0339 advisory. - SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-3573...

Updated php packages fix security vulnerability

Update to php version 8.0.27 fixes PDO/SQLite, where PDO::quote may return unquoted string See referenced changelog for other changes...

MGASA-2023-0013 Updated php packages fix security vulnerability

Update to php version 8.0.27 fixes PDO/SQLite, where PDO::quote may return unquoted string See referenced changelog for other changes...

sqlite security update

3.34.1-6 - Fixes CVE-2022-35737...