Package Hub Security Vulnerabilities and Issues — Package Hub CVE List

Lucene search

SusePackage Hub

7 matches found

CVE•added 2019/12/10 10:15 p.m.•593 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.05711EPSS

CVE•added 2019/12/23 1:15 a.m.•272 views

CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

7.5CVSS8.2AI score0.1124EPSS

CVE•added 2019/12/18 6:15 a.m.•269 views

CVE-2019-19880

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

7.5CVSS7.8AI score0.1124EPSS

CVE•added 2019/12/10 10:15 p.m.•255 views

CVE-2019-13764

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.40709EPSS

CVE•added 2019/12/10 10:15 p.m.•249 views

CVE-2019-13745

Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.0241EPSS

CVE•added 2019/12/24 4:15 p.m.•233 views

CVE-2019-19923

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

7.5CVSS7.8AI score0.13878EPSS

CVE•added 2019/12/24 5:15 p.m.•223 views

CVE-2019-19925

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

7.5CVSS7.8AI score0.12247EPSS