CVE-2026-45722 Nextcloud: Tables app allows limited SQLi in ORDER BY with malicious sort order argument for Table Views

Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to...

Tables app allows limited SQLi in ORDER BY with malicious sort order argument for Table Views

None...

CLSA-2022-1667513366 sqlite: Fix of CVE-2020-35527

CVE-2020-35527: fix a problem with ALTER TABLE for views that have a nested FROM clause...

CLSA-2022-1667513276 sqlite: Fix of CVE-2020-35527

CVE-2020-35527: fix a problem with ALTER TABLE for views that have a nested FROM clause...

sqlite: Out of bounds access during table rename

An out-of-bounds read vulnerability was found in SQLite. This security flaw occurs when the ALTER TABLE for views has a nested FROM clause. This flaw allows an attacker to triage an out-of-bounds read and access confidential data successfully...

USN-5615-1 sqlite3 vulnerabilities

It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-35525 It was discovered that SQLite incorrectly handled ALTER TABLE for views that...

CVE-2017-12625

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...