4786 matches found
Integer Truncation on SQLite
...
SQLite integer overflow in key info allocation may lead to information disclosure.
...
EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2025-1943)
According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A...
EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2025-1969)
According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2025-1943)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VulnCheck KEV: CVE-2023-39265
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
Siemens RUGGEDCOM CROSSBOW Station Access Controller
SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2025-1969)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BIT-LIBPHP-2022-31631 PDO::quote() may return unquoted string
In PHP versions 8.0. before 8.0.27, 8.1. before 8.1.15, 8.2. before 8.2.2 when using PDO::quote function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2019-13734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SQLite 3.39.2 - 3.41.1 DoS Vulnerability
SQLite is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sqlite:sqlite";...
SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2025:02744-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02744-1 advisory. - Update to version 3.50.2 - CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. bsc1246597 Tenable has extracted the preceding...
@de-otio/trellis (>=0.4.0 <=0.7.1), @fedify/amqp (>=0.1.0 <=0.2.0-dev.11) +6 more potentially affected by CVE-2025-54888 via @fedify/fedify (>=0.10.2 <=1.10.9)
@fedify/fedify NPM version =0.10.2, =0.4.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =1.1.20 Source cves: CVE-2025-54888 Source advisory: OSV:GHSA-6JCC-XGCR-Q3H4...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to version 3.50.2 CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. bsc1246597 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:02744-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: - Update to version 3.50.2 - CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. bsc1246597...
Linux Distros Unpatched Vulnerability : CVE-2020-11655
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's...
Linux Distros Unpatched Vulnerability : CVE-2025-29088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig...
SUSE CVE-2025-54379
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows unauthenticated remote...
Alibaba Cloud Linux 3 : 0127: sqlite (ALINUX3-SA-2025:0127)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0127 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-6965: There exists a vulnerability in SQLi...
Oracle Linux 7 : sqlite (ELSA-2025-12349)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12349 advisory. 3.7.17-8.0.1.1 - Fix for CVE-2025-6965 Orabug: 38260859 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...