CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

Advisory ROSA-SA-2026-3200

Software: sqlite 3.26.0 OS: ROSA Virtualization 2.1 unaffected versions = sqlite-3.26.0-20.rv3 affected versions sqlite-3.26.0-20.rv3 CVE-ID: CVE-2020-24736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A buffer overflow vulnerability in SQLite3 allows a local attacker to cause a denial of service DoS...

Advisory ROSA-SA-2026-3182

Software: sqlite 3.26.0 OS: ROSA Virtualization 3.0 unaffected versions = sqlite-3.26.0-20.rv30 affected versions sqlite-3.26.0-20.rv30 CVE-ID: CVE-2025-6965 BDU-ID: 2025-08786 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Aggregate Term Handler component of the SQLite database management syst...

Advisory ROSA-SA-2026-3162

Software: sqlite 3.26.0 OS: ROSA Virtualization 3.1 unaffected versions = sqlite-3.26.0-20.rv31 affected versions sqlite-3.26.0-20.rv31 CVE-ID: CVE-2025-6965 BDU-ID: 2025-08786 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Aggregate Term Handler component of the SQLite database management syst...

Security Bulletin: Vulnerabilities in SQLite affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in SQLite has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-3277 DESCRIPTION: An integer...

MiracleLinux 8 : sqlite-3.26.0-13.el8 (AXSA:2021-1806:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1806:01 advisory. sqlite: integer overflow in sqlite3strvappendf function in printf.c CVE-2020-13434 sqlite: heap-based buffer overflow in multiSelectOrderBy due to...

MiracleLinux 8 : sqlite-3.26.0-19.el8_9 (AXSA:2024-7420:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7420:01 advisory. sqlite: heap-buffer-overflow at sessionfuzz CVE-2023-7104 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : sqlite-3.7.17-8.el7.1 (AXSA:2020-047:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-047:01 advisory. Fixes for CVE-2019-13734 CVE-2019-13734 Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit...

MiracleLinux 7 : sqlite-3.7.17-8.1.0.1.el7.AXS7 (AXSA:2025-10767:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10767:03 advisory. CVE-2025-6965: fix memory corruption issue caused by a query where the number of aggregate terms could exceed the number of columns available. CVEs:...

MiracleLinux 8 : sqlite-3.26.0-20.el8_10 (AXSA:2025-10668:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10668:02 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : sqlite-3.34.1-9.el9_7 (AXSA:2025-11450:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11450:04 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

CVE-2019-2195

In tokenize of sqlite3android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2026-1017)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. Thi...

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

RHEL 8 : spice-client-win (RHSA-2026:0078)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0078 advisory. Spice client MSI installers for Windows clients Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 libtiff: LibTIFF...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2026-1003)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : sqlite (EulerOS-SA-2026-1003)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service...

K000158857: SQLite vulnerability CVE-2025-52099

Security Advisory Description Rejected Reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-29088. Reason: This record is a duplicate of CVE-2025-29088. Notes: All CVE users should reference CVE-2025-29088 instead of this record. All references and descriptions in this record have been remove...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2025-2599)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.13.1 : sqlite (EulerOS-SA-2025-2564)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns...