WhoDB < 0.45.0 - Path Traversal

WhoDB contains a path traversal caused by lack of validation when opening database files, letting unauthenticated attackers access arbitrary Sqlite3 databases on the host system, exploit requires attacker to manipulate database filename input. id: CVE-2025-24786 info: name: WhoDB 0.45.0 - Path...

Astra Linux – Vulnerability in SQLite3

The file ext/fts3/fts3snippet.c in SQLite before version 3.32.0 contains a NULL pointer dereferencing issue due to a malicious matchinfo query...

ROOT-OS-DEBIAN-12-CVE-2025-7458 CVE-2025-7458 in rootio-sqlite3 - Patched by Root

Root has patched CVE-2025-7458 in the rootio-sqlite3 package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2025-29088 CVE-2025-29088 in rootio-sqlite3 - Patched by Root

Root has patched CVE-2025-29088 in the rootio-sqlite3 package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2025-7709 CVE-2025-7709 in rootio-sqlite3 - Patched by Root

Root has patched CVE-2025-7709 in the rootio-sqlite3 package for Root:Debian:12. Multiple fixed versions available...

Updated sqlite3 packages fix bug & security vulnerability

sqlite3 shipped in Mageia 9 lacks ICU support. This update brings sqlite3-icu to allow ICU support be loaded as an optional extension. This update fixes CVE-2025-70873, an information disclosure issue. The zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

MGASA-2026-0195 Updated sqlite3 packages fix bug & security vulnerability

sqlite3 shipped in Mageia 9 lacks ICU support. This update brings sqlite3-icu to allow ICU support be loaded as an optional extension. This update fixes CVE-2025-70873, an information disclosure issue. The zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

Astra Linux – Vulnerability in SQLite3

SQLite 3.32.2 has a use-after-free issue in the resetAccumulator function in select.c, as the re-write of the parse tree for window functions occurs too late...

Astra Linux - уязвимость в sqlite3

In SQLite 3.30.1, the exprListAppendList function in the window.c file allows attackers to trigger a invalid pointer dereferencing issue, as constant integer values in ORDER BY clauses of window definitions are handled incorrectly...

Astra Linux - уязвимость в db5.3

SQLite3 versions from 3.6.0 through 3.27.2 are vulnerable to heap out-of-bound reads in the rtreenode function when handling invalid rtree tables...

Astra Linux - уязвимость в sqlite3

A vulnerability was discovered in SQLite SQLite3 version 3.43.0 and is classified as critical. This issue affects the sessionReadRecord function in the file ext/session/sqlite3session.c of the make alltest component. The vulnerability results in a heap-based buffer overflow. It is recommended to...

[R2] Tenable Network Monitor 6.5.4 Fixes Multiple Vulnerabilities

R2 Tenable Network Monitor 6.5.4 Fixes Multiple Vulnerabilities Jason Schavel Thu, 05/14/2026 - 13:00 Tenable Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, curl, sqlite3, handlebars, expat, and dpdk were fou...

Astra Linux – Vulnerability in SQLite3

In SQlite 3.31.1, a potential null pointer derefrence was detected during the INTERSEC query processing...

Astra Linux – Vulnerability in SQLite3

SQLite version 3.31.1 allows attackers to cause a denial of service segmentation fault through a malformed window-function query, due to improper handling of the initialization of the AggInfo object...

Astra Linux – Vulnerability in SQLite3

In SQLite 3.30.1, the sqlite3Select function in select.c can cause a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usages...

Possible unaligned data access for implementations of `SqliteAggregate`

Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...

OPENSUSE-SU-2026:20513-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...

SUSE-SU-2026:21095-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...

SUSE-SU-2026:21173-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...

openSUSE Security Advisory (SUSE-SU-2026:1065-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...