DEBIAN-CVE-2019-19242

SQLite 3.30.1 mishandles pExpr-y.pTab, as demonstrated by the TKCOLUMN case in sqlite3ExprCodeTarget in expr.c...

CVE-2019-19242

CVE-2019-19242 affects SQLite 3.30.1, where mishandling of pExpr->y.pTab in sqlite3ExprCodeTarget (TK_COLUMN) causes a NULL pointer dereference in sqlite3ExprCodeTarget, potentially crashing the process. CVSSv3 base score 5.9 (MEDIUM). The Astra Linux bulletin confirms the SQLite 3.30.1 refere...

Security Bulletin: Public disclosed vulnerability from SQLite CVE-2019-8457

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: SQLite could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow when the FTS3 extension is enabled. By using...

CVE-2019-5827

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Security Bulletin: Guardium StealthBits Integration is affected by an SQLite vulnerability

Summary IBM Security Guardium is aware of the following vulnerability Vulnerability Details CVEID: CVE-2018-20346 DESCRIPTION: SQLite could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow when the FTS3 extension is enabled. By using specially-crafted...

UBUNTU-CVE-2019-8457

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables...

ALPINE-CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

Security Bulletin: Public disclosed vulnerability from SQLite CVE-2018-20346

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: SQLite could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow when the FTS3 extension is enabled. By using...

CVE-2018-20505

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service application crash by leveraging the ability to run arbitrary SQL statements such as in certain WebSQL use cases...

AZL-38170 CVE-2018-20505 affecting package ceph for versions less than 18.2.1-1

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service application crash by leveraging the ability to run arbitrary SQL statements such as in certain WebSQL use cases...

EUVD-2018-13059

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service application crash by leveraging the ability to run arbitrary SQL statements such as in certain WebSQL use cases...

SQLite Memory Corruption Vulnerability in Multiple Apple Products

Apple iOS and so on are the products of the United States Apple Apple. Apple iOS is a set of operating systems developed for mobile devices; tvOS is a set of smart TV operating system. SQLite is one of the set of C-based open source embedded relational database management components developed by...

@fto-consult/electron (>=1.0.0 <=1.0.43), @fto-consult/electron-gen (>=1.1.0 <=3.0.0) +2 more potentially affected by CVE-2017-16048 via node-sqlite (=0.0.2-security)

node-sqlite NPM version =0.0.2-security is affected by a known vulnerability. The following packages have a transitive dependency on node-sqlite and may be impacted: - @fto-consult/electron =1.0.0, =1.1.0, =7.6.1, =1.0.1, =1.1.6 Source cves: CVE-2017-16048 Source advisory: OSV:GHSA-X52F-H74P-9JH8...

Security Bulletin: IBM Flex System Manager (FSM) is affected by a vulnerability in sqlite (CVE-2016-6153)

Summary A security vulnerability has been discovered in sqlite that is embedded in the IBM FSM. This bulletin addresses this vulnerability. Vulnerability Details CVEID: CVE-2016-6153 DESCRIPTION: SQLite could allow a local attacker to gain elevated privileges on the system, caused by the creation...

EulerOS 2.0 SP1 : memcached (EulerOS-SA-2018-1138)

According to the version of the memcached package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related t...

CVE-2017-7002

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

UBUNTU-CVE-2017-7000

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

SQLite Denial of Service Vulnerability (CNVD-2018-06132)

SQLite is an open source C-based embedded relational database management system developed by American software developer D. Richard Hipp. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in versions prior to SQLite 3.22.0. An attack...

CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...