544 matches found
DEBIAN-CVE-2024-7009
Unsanitized user input in Calibre <= 7.15.0 allows users with permissions to perform full-text searches to achieve SQL injection on the SQLite database...
CVE-2024-7009
CVE-2024-7009 affects Calibre
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
...
CVE-2024-22077
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The SQLite database file has weak permissions...
Elspec G5 digital fault recorder security vulnerability
Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and earlier, which stems from weak file permissions in...
PT-2024-19187 · Elspec · Elspec G5 Digital Fault Recorder
Name of the Vulnerable Software and Affected Versions: Elspec G5 digital fault recorder versions 1.1.4.15 and before
Description: The issue concerns weak permissions of the SQLite database file.
Recommendations: For Elspec G5 digital fault recorder versions 1.1.4.15 and before, consider restricti...
Moderate: Red Hat Security Advisory: sqlite security update
An update for sqlite is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
sqlite: heap-buffer-overflow at sessionfuzz
A vulnerability has been identified in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c file in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur...
ALSA-2024:0465 Moderate: sqlite security update
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
Use After Free
Overview: Affected versions of this package are vulnerable to Use After Free via the jsonParseAddNodeArray function in the sqlite3.c file. An attacker can potentially cause a denial of service by passing specially crafted malicious input to the application. Remediation: Upgrade sqlite3 to version...
DEBIAN-CVE-2023-7104
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a...
CVE-2023-7104 SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a...
CLSA-2023-1698946014 sqlite: Fix of CVE-2022-35737
CVE-2022-35737: increase the size of loop variables in the printf implementation...
The vulnerability of the command-line interface of the SQLite database management system allows a hacker to gain unauthorized access to prohibited user functions.
The vulnerability of the command-line interface of the SQLite database management system is related to errors in the implementation of the azAllowedFunctions protection mechanism. Exploiting this vulnerability can allow an attacker to gain unauthorized access to prohibited user functions...
Improper Input Validation
apache-superset is vulnerable to Improper Input Validation. The vulnerability allows an attacker to trick a user into potentially registering a SQLite database connection incorrectly if an attacker employs alternative driver names such as sqlite+pysqlite or utilizes database imports. This...
GHSA-FM4Q-J8G4-C9J4 Apache Superset Improper Input Validation vulnerability
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
Apache Superset input validation error vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache Software Foundation. A security bypass vulnerability exists in Apache Superset version 2.1.0 and earlier, which can be exploited by an attacker to register a SQLite database connection...