4775 matches found
CVE-2015-3414
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrate...
CVE-2015-3416
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...
CVE-2015-3416
The CVE affects SQLite’s sqlite3VXPrintf in printf.c, vulnerable before 3.8.9. A crafted SELECT with large integers can trigger DoS via integer overflow or stack overflow. Mitigation: upgrade SQLite to a fixed version (3.8.9+); the vulnerability is confirmed in multiple advisories (e.g., F5/K1695...
CVE-2015-3415
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service invalid free operation or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by...
CVE-2015-3415
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service invalid free operation or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by...
CVE-2015-3414
CVE-2015-3414 affects SQLite before 3.8.9, where incorrect dequoting of collation-sequence names enables a crafted COLLATE clause to crash the process or cause memory access issues (DoS). Related issues CVE-2015-3415 and CVE-2015-3416 describe similar DoS vectors via crafted CHECK and floating-po...
UBUNTU-CVE-2015-3416
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...
KLA10565 Denial of service vulnerabilities in SQLite
Multiple integer and buffer overflows were found in SQLite. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impact. These vulnerabilities can be exploited remotely via a specially designed input. Original advisories - Related products SQLit...
Fedora 22 : spatialite-tools-4.2.0-10.fc22 / sqlite-3.8.9-1.fc22 (2015-6157)
Update of sqlite to latest upstream version, with spatialite-tools rebuild. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...
CVE-2015-3415
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service invalid free operation or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by...
UBUNTU-CVE-2015-3414
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrate...
CVE-2015-3416
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...
CVE-2015-3414
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrate...
Whisper: Insecure Local Data Storage : Application stores data using a binary sqlite database
Android provides several options for developers to save persistent application data. The local DB should store data depending on whether the data should be private to your application or accessible to other applications and users. In any case, sensible data always have to be encrypted to avoid...
Fedora Update for sqlite FEDORA-2015-6324
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : spatialite-tools-4.2.0-10.fc21 / sqlite-3.8.9-1.fc21 (2015-6324)
Update of sqlite to latest upstream version, with spatialite-tools rebuild. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...
[SECURITY] Fedora 21 Update: sqlite-3.8.9-1.fc21
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)
NVD reports : SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, ...
sqlite -- multiple vulnerabilities
NVD reports: SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, a...
A text control on your phone! The Android platform SQL injection vulnerability analysis-vulnerability warning-the black bar safety net
0x0 Foreword 1 4 years 1 1 months of the author in the Baidu xteam blog to see the disclosure of the earlier report to Google the CVE-2 0 1 4-8 5 0 7 vulnerability details-the system code in the processing via the SMS carrying the WAP push content is generated when the classicSQL...