CVE-2015-3717 affecting package sqlite 3.32.3-2

CVE-2015-3717 affecting package sqlite 3.32.3-2. A patched version of the package is available...

Denial Of Service (DoS)

sqlite is vulnerable to NULL pointer dereference. The vulnerability exists in ext/fts3/fts3snippet.c allowing a malicious attacker to cause a denial of service via a crafted matchinfo query...

Namespace Collision

sqlite is vulnerable to namespace collision vulnerability. The vulnerability is possible because sqlite allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c...

Denial Of Service(DoS)

sqlite is vulnerable to denial of service attacks. Generated column optimizations allow null pointer dereference and segmentation faults...

Denial Of Service (DoS)

sqlite is vulnerable to denial of service DoS.Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c extension module in the way it implemented the snippet function.This flaw allows an attacker who can execute SQL statements to crash the application or potentially execute arbitrary code...

Out-of-bounds Read

sqlite is vulnerable to out-of-bounds read. A remote attacker can obtain sensitive information from process memory sending a crafted HTML page...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-2453)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c

A use-after-free vulnerability was found in the SQLite FTS3 extension module in the way it implemented the snippet function. This flaw allows an attacker who can execute SQL statements to crash the application or potentially execute arbitrary code...

sqlite: Out-of-bounds read in SELECT with ON/USING clause

An out-of-bounds read vulnerability was found in the SQLite component of the Chromium browser. A remote attacker could abuse this flaw to obtain potentially sensitive information from process memory via a crafted HTML page. The highest threat from this vulnerability is to data confidentiality...

sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error...

sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a "severe division by zero in the query planner."...

sqlite: Use-after-free in window function leading to remote code execution

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

Moderate: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query

A NULL pointer dereference flaw was found in the matchinfo auxiliary function of the SQLite FTS3 extension module. This flaw allows an attacker who can execute SQL statements to crash the application, resulting in a denial of service...

sqlite: Virtual table can be renamed into the name of one of its shadow tables

A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leading to potential data corruption...

sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations

A NULL pointer dereference was found in SQLite in the way it executes select statements with column optimizations. An attacker who is able to execute SQL statements can use this flaw to crash the application...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-2398)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : sqlite (RHSA-2020:4442)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4442 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a singl...

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...