Security Bulletin: Security vulnerabilities due to SQLite3 (CVE-2025-6965), pam_namespace (CVE-2025-6020), systemd-coredump (CVE-2025-4598) and Perl (CVE-2025-40909) packages shipped with IBM CICS TX Advanced.

Summary Security vulnerabilities due to SQLite3 CVE-2025-6965, pamnamespace CVE-2025-6020, systemd-coredump CVE-2025-4598 and Perl CVE-2025-40909 packages shipped with IBM CICS TX Advanced. The package versions have been updated. Vulnerability Details CVEID:CVE-2025-4598 DESCRIPTION: A...

Metabase 0.41.x < 0.41.7 / 0.42.x < 0.42.4 / 1.41.x < 1.41.7 / 1.42.x < 1.42.4

The version of Metabase installed on the remote host is prior to Unknown. It is, therefore, affected by a Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called ATTACH DATABASE, which allows connecting multiple SQLite databases via the...

DEBIAN-CVE-2025-7709

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds...

CVE-2025-57141

rsbi-os 4.7 is vulnerable to Remote Code Execution RCE in sqlite-jdbc...

CVE-2025-57141

rsbi-os 4.7 is vulnerable to Remote Code Execution RCE in sqlite-jdbc...

UBUNTU-CVE-2025-7709

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds...

CVE-2025-7709 Out Of Bounds write in FTS5 Extension in SQLite

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds...

CVE-2025-7709 Out Of Bounds write in FTS5 Extension in SQLite

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds...

CVE-2025-7709

CVE-2025-7709 affects the SQLite FTS5 extension. The issue is an integer overflow when sizing an array of tombstone pointers, truncating a 64-bit size to 32-bit and enabling a write beyond allocated bounds to partially controlled data. Public records reference SQLite

RLSA-2025:14101 Important: mingw-sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

mingw-sqlite security update

An update is available for mingw-sqlite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SQLite is a C library that implements an SQL database engine. A large...

Medium: rust

Issue Overview: There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. CVE-2025-6965 Affected Packages: rust...

rsbi-os 安全漏洞

rsbi-os is a Business Intelligence software system from Rays BI Personal Developer. A security vulnerability exists in rsbi-os version 4.7, which stems from a remote code execution in sqlite-jdbc...

CVE-2025-57141

rsbi-os 4.7 is vulnerable to Remote Code Execution RCE in sqlite-jdbc...

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2025-1162)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1162 advisory. There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommen...

CVE-2025-57141

rsbi-os 4.7 is vulnerable to Remote Code Execution RCE in sqlite-jdbc...

PT-2025-36471

Name of the Vulnerable Software and Affected Versions: rsbi-os version 4.7 Description: rsbi-os version 4.7 is vulnerable to Remote Code Execution RCE in sqlite-jdbc. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2025-57141

CVE-2025-57141 affects rsbi-os 4.7 with a vulnerability in sqlite-jdbc that allows Remote Code Execution (RCE). The CVSS 3.1 base score is 9.8 (CRITICAL) with network access, no user interaction, and no privileges required. The available connected documents do not provide concrete exploit details...

RockyLinux 8 : mingw-sqlite (RLSA-2025:14101)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14101 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note tha...

SQLite FTS5 安全漏洞

SQLite FTS5 is a full-text search virtual table module for SQLite open source. A security vulnerability exists in SQLite FTS5 that stems from an integer overflow when calculating the size of an array of tombstone pointers, which could result in an out-of-bounds write...