28 matches found
DEBIAN-CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
7ghost (>=4.11.0 <=4.11.46), 90crew-sqlite-async (=0.0.4) +216 more potentially affected by CVE-2022-21227 via sqlite3 (>=5.0.0 <=5.0.2)
sqlite3 NPM version =5.0.0, =4.11.0, =0.1.0, =1.1.0, =12.1.0-alpha.6, =2.0.11, =0.2.5, =0.1.3-alpha.0, =0.1.19-alpha.0, =0.1.11-alpha.0, =0.1.3-alpha.0, =7.0.0, =7.3.8 and more Source cves: CVE-2022-21227 Source advisory: SNYK:JS-SQLITE3-2388645...
Denial Of Service
sqlite3 is vulnerable to denial of service. The vulnerability exists due to a segmentation fault via the idxGetTableInfo function...
Google Android 输入验证错误漏洞
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA. an elevation of privilege vulnerability exists in Google Android sqlite3.c. An attacker could exploit this vulnerability to escalate privileges...
SUSE-SU-2019:3050-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: - CVE-2017-2518: Fixed a use-after-free vulnerability which could have led to buffer overflow via a crafted SQL statement bsc1155787...
CVE-2019-8457
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables...
EUVD-2019-17847
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables...
Design/Logic Flaw
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...