libsql-sqlite3-parser crash due to invalid UTF-8 input

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

GHSA-8M95-FFFC-H4C5 libsql-sqlite3-parser crash due to invalid UTF-8 input

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

CVE-2025-47736

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

CVE-2025-47736

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

CVE-2025-47736

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

CVE-2025-47736

The CVE-2025-47736 issue affects the libsql-sqlite3-parser crate (Rust). Specifically, the dialect/mod.rs component can crash when given input that is not valid UTF-8, affecting versions up to 0.13.0 and before the commit 14f422a. The vulnerability arises from handling non-UTF-8 input during pars...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sqlite3 (SUSE-SU-2025:1456-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1456-1 advisory. - CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function bsc1241020 -...

PT-2025-20471 · Unknown · Libsql-Sqlite3-Parser

Name of the Vulnerable Software and Affected Versions: libsql-sqlite3-parser versions 0.13.0 and earlier Description: The issue is related to the dialect/mod.rs file in the libsql-sqlite3-parser crate for Rust, which can crash if the input is not valid UTF-8. Recommendations: For versions 0.13.0...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2025:1455-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1455-1 advisory. - CVE-2025-3277,CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 - CVE-2025-29088: Fixed integer overflow through th...

SUSE-SU-2025:1455-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - CVE-2025-3277,CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 - CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: - Updated to version 3.49.1 from Factory...

SUSE-SU-2025:1456-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function bsc1241020 - CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: - Updated to version 3.49.1 from Factory...

Security update for sqlite3

This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...

Security update for sqlite3

This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the concat function. An attacker can trigger an integer overflow by supplying input with an excessive number of separators and arguments. Note: This vulnerability has also been published as CVE-2025-327...

SUSE CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the concat function. An attacker can trigger an integer overflow by supplying input with an excessive number of separators and arguments. Note: This vulnerability has also been published as CVE-2025-327...

Linux Distros Unpatched Vulnerability : CVE-2019-8457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables. CVE-2019-8457...

CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

Path Traversal

github.com/clidey/whodb/core is vulnerable to Path Traversal. The vulnerability is due to improper path validation due to the lack of checks when joining user-controlled database file names with the default directory, allowing an attacker to use path traversal ../../ to access any Sqlite3 databas...

CVE-2025-24786

WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory /db, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present on the host machine that the applicati...