SUSE-SU-2022:3653-1 Security update for tcl

This update for tcl fixes the following issues: - Fixed a race condition in test socket-13.1. - Removed the SQLite extension and use the packaged sqlite3 instead bsc1195773...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the FTS3 extension, due to 32-bit signed integer overflow. In order to exploit this vulnerability, the attacker must have full SQL access and must be able to construct a corrupt database with over 2GB of FTS3...

PT-2022-37524 · Tcl · Tcl

Name of the Vulnerable Software and Affected Versions: tcl affected versions not specified Description: The issue involves a race condition in test socket-13.1. Additionally, the SQLite extension has been removed and replaced with the packaged sqlite3. Recommendations: At the moment, there is no...

Security update for roundcubemail (important)

openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2022:10148-1 Rating: important References: 1180132 1180399 Cross-References: CVE-2019-10740 CVE-2020-12641 CVE-2020-16145 CVE-2020-35730 CVSS scores: CVE-2019-10740 NVD : 4.3...

CLSA-2022-1665428577 Fixed CVE-2020-13435 in sqlite

CVE-2020-13435: try to prevent a recurrence of problems additionally...

CLSA-2022-1665428481 Fixed CVE-2020-13435 in sqlite

CVE-2020-13435: try to prevent a recurrence of problems additionally...

CLSA-2022-1665428326 Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435

CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed...

CLSA-2022-1665428177 Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435

CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed...

Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435

CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed...

CLSA-2022-1665073587 Fixed CVEs in sqlite: CVE-2020-35525, CVE-2021-20223

CVE-2021-20223: prevent fts5 tokenizer unicode61 from considering '\0' to be a token characters, even if other characters of class "Cc" are. - CVE-2020-35525: fix a potential null pointer dereference...

CLSA-2022-1665073456 Fixed CVEs in sqlite: CVE-2020-35525, CVE-2021-20223

CVE-2021-20223: prevent fts5 tokenizer unicode61 from considering '\0' to be a token characters, even if other characters of class "Cc" are. - CVE-2020-35525: fix a potential null pointer dereference...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS in the size computation for a memory allocation in FTS3. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

CVE-2022-40278

An issue was discovered in Samsung TizenRT through 3.0GBM and 3.1PRE. createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3free after sqlite3exec, leading to a denial of service...

USN-5615-1: SQLite vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-5615-2 sqlite3 vulnerability

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash...

USN-5615-2: SQLite vulnerability

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash...

Ubuntu 16.04 ESM : SQLite vulnerability (USN-5615-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5615-2 advisory. USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. Tenable has extracted the...

SUSE: Security Advisory (SUSE-SU-2022:3401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2022:3401-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3401-1 advisory. - DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo functi...

SUSE-SU-2022:3401-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API bnc1201783. - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating...