Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2025-3277)

An integer overflow can be triggered in SQLite's 'concatws' function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...

Linux Distros Unpatched Vulnerability : CVE-2025-3277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow can be triggered in SQLite's concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes...

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

...

UBUNTU-CVE-2025-3277

An integer overflow can be triggered in SQLite’s concatws function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be...