4786 matches found
CVE-2019-20218
CVE-2019-20218 affects SQLite: in selectExpander (select.c) the WITH stack unwinding continues after a parsing error, potentially causing an application crash. The issue is confirmed across multiple advisories (Debian LTS/DLA entries, Gentoo GLSA, AlmaLinux advisory, Cloud Foundry USN) and is lis...
CVE-2019-20218
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error...
EulerOS 2.0 SP8 : sqlite (EulerOS-SA-2020-1033)
According to the version of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integritycheck PRAGMA command in certain cases of generated columns.CVE-2019-19646 Note...
SQLite WITH Stack Expansion Vulnerability
SQLite is a self-contained, serverless, zero-configuration, transactional SQL database engine. SQLite 3.30.1 suffers from a WITH stack unfolding vulnerability that stems from the fact that selectExpander in select.c in SQLite continues to handle WITH stack unfolding even after a parsing error. No...
SQLite report about CVE-2020-13871
Malicious SQL statement causes a read-only use-after-free memory error. details...
SQLite report about CVE-2020-13434
Malicious SQL statement involving the printf SQL function results in an integer overflow which can overwrite the stack with over 2 billion bytes of 0x30 or 0x20 ASCII '0' or ' '. Even though this is a stack overwrite, there is no known way to redirect control or otherwise escalate the level of...
SQLite report about CVE-2020-11656
Malicious SQL statement causes read-only use-after-free of memory allocation if SQLite is compile with -DSQLITEDEBUG. Does not affect release builds. details...
SQLite report about CVE-2020-6405
Malicious SQL statement causes a NULL pointer dereference and denial-of-service details...
SQLite report about CVE-2020-15358
Malicious SQL statement causes a read past the end of a heap buffer. details...
SQLite report about CVE-2020-13631
Malicious SQL statement an ALTER TABLE that tries to rename a virtual table into one of its own shadow tables causes an infinite loop and denial of service. details...
SQLite report about CVE-2020-13630
Malicious SQL statement causes a read-only use-after-free, possibly resulting in an incorrect output from the snippet SQL function of the FTS3 extension. There is no known way to exfiltrate data or crash the application using this bug. details...
SQLite report about CVE-2020-13435
Malicious SQL statement causes a read access to a NULL pointer and denial of service. details...
SQLite report about CVE-2020-13632
Malicious SQL statement causes a read of a NULL pointer in the matchinfo SQL function of the FTS3 extension, resulting in denial of service. details...
SQLite report about CVE-2020-9327
Malicious SQL statement causes a read using an uninitialized pointer and denial-of-service details...
CVE-2019-19880
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled...
CVE-2019-19646
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integritycheck PRAGMA command in certain cases of generated columns...
Google Chrome Affected By Magellan 2.0 Flaws
Researchers have disclosed five recently-patched vulnerabilities in the Google Chrome browser that could be exploited by an attacker to remotely execute code. The vulnerabilities, dubbed Magellan 2.0 by the Tencent Blade team of researchers who discovered them, exist in the SQLite database...
KLA11718 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...
SQLite Code Issue Vulnerability
SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. SQLite 3.30.1 version of the select.c file of the flattenSubquery there...
SQLite Code Issue Vulnerability (CNVD-2020-22686)
SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in zipfileUpdate in the...