Lucene search

4912 matches found

Veracode
added 2020/09/21 6:25 a.m. | 46 views

Arbitrary Code Execution

SQLite is vulnerable to arbitrary code execution. A stack-based buffer overflow and integer overflow in the sqlite3VXPrintf function in printf.c allow an attacker to execute arbitrary code on the host OS due to improper handling of precision and width values during floating-point conversions...

7.5 CVSS | 6.8 AI score | 0.05531 EPSS
Exploits 0 | References 16 | Affected Software 2

Veracode
added 2020/09/21 6:25 a.m. | 31 views

Integer Overflow

sqlite3 is vulnerable to integer overflow in SQLite via WebSQL in Google Chrome. It allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS | 3.4 AI score | 0.01976 EPSS
Exploits 1 | References 12 | Affected Software 4

Veracode
added 2020/09/21 6:23 a.m. | 26 views

Out Of Bound Reads

Google Chrome is vulnerable to out of bound reads. Out of bounds read in SQLite in Google Chrome allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS | 2.3 AI score | 0.01711 EPSS
Exploits 0 | References 14 | Affected Software 5

Veracode
added 2020/09/21 6:23 a.m. | 33 views

Authorization Bypass

Chrome is vulnerable to authorization bypass. Insufficient data validation in SQLite allows a remote attacker to bypass authorization measures via a malicious HTML page...

6.5 CVSS | 3.9 AI score | 0.02207 EPSS
Exploits 0 | References 14 | Affected Software 6

Tenable Nessus
added 2020/09/21 12:0 a.m. | 27 views

openSUSE Security Update : fossil (openSUSE-2020-1478)

This update for fossil fixes the following issues: - fossil 2.12.1: - CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code (boo#1175760) - Security fix in the 'fossil git export' command. New 'safety-net' features were added to...

8.8 CVSS | 8.2 AI score | 0.03122 EPSS
Exploits 0 | References 3

OPENSUSE Linux
added 2020/09/20 12:0 a.m. | 38 views

Security update for fossil (important)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2020:1478-1 Rating: important References: 1047218 1175760 Cross-References: CVE-2020-24614 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An upda...

8.8 CVSS | 8.9 AI score | 0.03122 EPSS
Exploits 0 | References 2

BDU FSTEC
added 2020/09/17 12:0 a.m. | 2 views

The vulnerability of the ext/fts3/fts3_snippet.c component of the SQLite database management system, which allows a hacker to cause a service failure.

The vulnerability of the ext/fts3/fts3_snippet.c component of the SQLite database management system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5 CVSS | 6.6 AI score | 0.00571 EPSS
Exploits 0 | References 9 | Affected Software 9

BDU FSTEC
added 2020/09/17 12:0 a.m. | 8 views

The vulnerabilities of the alter.c and build.c components of the SQLite database management system allow a hacker to rename any columns in the table.

The vulnerability of the alter.c and build.c components of the SQLite database management system exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to rename any columns in the table at will...

5.5 CVSS | 6.6 AI score | 0.0062 EPSS
Exploits 0 | References 8 | Affected Software 8

Apple
added 2020/09/16 12:0 a.m. | 122 views

About the security content of iTunes 12.10.9 for Windows

About the security content of iTunes 12.10.9 for Windows This document describes the security content of iTunes 12.10.9 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

9.3 CVSS | 9.3 AI score | 0.02888 EPSS
Exploits 2 | References 1 | Affected Software 1

Kaspersky
added 2020/09/16 12:0 a.m. | 74 views

KLA12007 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability in ImageIO can be exploited...

9.3 CVSS | 9.8 AI score | 0.02888 EPSS
Exploits 2 | References 3

OpenVAS
added 2020/09/08 12:0 a.m. | 26 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1987)

The remote host is missing an update for the Huawei EulerOS...

5.5 CVSS | 7.3 AI score | 0.01013 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2020/09/08 12:0 a.m. | 375 views

EulerOS Virtualization for ARM 64 3.0.2.0 : sqlite (EulerOS-SA-2020-1987)

According to the versions of the sqlite package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in SQLite when rewriting select statements for window functions. This flaw...

5.5 CVSS | 6.8 AI score | 0.01013 EPSS
Exploits 2 | References 3

Kitploit
added 2020/09/07 2:38 a.m. | 123 views

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5 AI score
Exploits 0 | References 9

OpenVAS
added 2020/09/04 12:0 a.m. | 172 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1930)

The remote host is missing an update for the Huawei EulerOS...

5.5 CVSS | 7.3 AI score | 0.01013 EPSS
Exploits 2 | References 2

OSV
added 2020/09/03 8:25 p.m. | 1 view

GHSA-FW4P-36J9-RRJ3 Denial of Service in sequelize

Versions of sequelize prior to 4.44.4 are vulnerable to Denial of Service (DoS). The SQLite dialect fails to catch a TypeError exception for the results variable. The results value may be undefined and trigger the error on a .map call. This may allow attackers to submit malicious input that forces...

5.8 AI score
Exploits 0 | References 2

GitHub Security Blog
added 2020/09/03 8:25 p.m. | 17 views

Denial of Service in sequelize

Versions of sequelize prior to 4.44.4 are vulnerable to Denial of Service (DoS). The SQLite dialect fails to catch a TypeError exception for the results variable. The results value may be undefined and trigger the error on a .map call. This may allow attackers to submit malicious input that forces...

3.5 AI score
Exploits 0 | References 3 | Affected Software 1

Tenable Nessus
added 2020/09/02 12:0 a.m. | 45 views

EulerOS 2.0 SP5 : sqlite (EulerOS-SA-2020-1930)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. (CVE-2020-13435) - SQLite through 3.32.0 has an integer overflow...

5.5 CVSS | 6.8 AI score | 0.01013 EPSS
Exploits 2 | References 3

BDU FSTEC
added 2020/09/02 12:0 a.m. | 4 views

The vulnerability of SQLite database software, related to errors in number processing, allows a hacker to trigger a service failure.

The vulnerability of SQLite database software is related to errors in number processing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8 CVSS | 6.9 AI score | 0.0825 EPSS
Exploits 0 | References 11 | Affected Software 6

OpenVAS
added 2020/08/31 12:0 a.m. | 25 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1908)

The remote host is missing an update for the Huawei EulerOS...

5.5 CVSS | 7.3 AI score | 0.01027 EPSS
Exploits 2 | References 2

OpenVAS
added 2020/08/31 12:0 a.m. | 31 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1883)

The remote host is missing an update for the Huawei EulerOS...

8.8 CVSS | 8.9 AI score | 0.04022 EPSS
Exploits 1 | References 2