60 matches found
AZL-39034 CVE-2020-11655 affecting package ceph for versions less than 18.2.1-1
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
DEBIAN-CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
ALPINE-CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
UBUNTU-CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
PT-2020-5472 · Sqlite +5 · Sqlite +5
Name of the Vulnerable Software and Affected Versions: SQLite versions through 3.31.1 Description: The issue allows attackers to cause a denial of service, resulting in a segmentation fault, via a malformed window-function query. This is due to the mishandling of the AggInfo object's...
DEBIAN-CVE-2019-19880
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled...
CVE-2019-19244
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage...
UBUNTU-CVE-2019-13219
A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...
Sean Barrett stb_vorbis code issue vulnerability
Sean Barrett stbvorbis is an open source audio codec for decoding ogg vorbis files. Sean Barrett stbvorbis A code issue vulnerability exists in the 'getwindow' function in versions 2019-03-04 and earlier. The vulnerability stems from an improperly designed or implemented code development process...
ALPINE-CVE-2019-5018
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...
CVE-2019-5018
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...
Vulnerability Spotlight: Remote code execution bug in SQLite
Cory Duplantis of Cisco Talos discovered this vulnerability. Executive summary SQLite contains an exploitable use-after-free vulnerability that could allow an attacker to gain the ability to remotely execute code on the victim machine. SQLite is a client-sidedatabase management system contained i...
Sqlite3 Window Function Remote Code Execution Vulnerability
Summary An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...
sqlite3 -- use after free
MITRE reports: An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigg...
Internet Explorer onload window vulnerability
Added: 12/01/2005 CVE: CVE-2005-1790 BID: 13799 OSVDB: 17094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer fails to properly initialize the window function when called from an onLoad event in a body tag. This...
CVE-2005-3896
Mozilla allows remote attackers to cause a denial of service CPU consumption via a Javascript BODY onload event that calls the window function...
Microsoft Internet Explorer code execution
Uninitilized memory call on Window function within OnLoad handler of BODY tag allows code execution...