Search CVE reports


Toggle filters

11 – 20 of 74 results


CVE-2021-45346

Low priority
Ignored

** DISPUTED ** A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Ignored Ignored Ignored Ignored
sqlite3 Ignored Ignored Ignored Ignored
Show less packages

CVE-2021-36690

Negligible priority

Some fixes available 3 of 5

** DISPUTED ** A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected Not affected
sqlite3 Not affected Fixed Fixed Not affected
Show less packages

CVE-2021-0646

Medium priority
Not affected

In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected Not affected
sqlite3 Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-20227

Medium priority
Fixed

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Not affected Not affected Not affected
Show less packages

CVE-2020-9991

Low priority
Vulnerable

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not in release Not affected Not affected Not affected Vulnerable
sqlite3 Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-9849

Low priority
Vulnerable

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0. A...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not in release Not affected Not affected Not affected Vulnerable
sqlite3 Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-15358

Medium priority

Some fixes available 1 of 2

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Fixed Not affected Not affected
Show less packages

CVE-2020-9794

Medium priority
Vulnerable

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not in release Not affected Not affected Not affected Vulnerable
sqlite3 Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-13871

Medium priority
Not affected

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Not affected Not affected Not affected
Show less packages

CVE-2020-13632

Medium priority
Fixed

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Fixed Fixed Fixed
Show less packages