Search CVE reports


Toggle filters

31 – 40 of 74 results


CVE-2019-19924

Medium priority

Some fixes available 1 of 2

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2019-19923

Medium priority

Some fixes available 2 of 3

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Fixed Not affected
Show less packages

CVE-2019-19926

Medium priority

Some fixes available 4 of 5

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Fixed Fixed
Show less packages

CVE-2019-19880

Medium priority

Some fixes available 1 of 2

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2019-13753

Medium priority

Some fixes available 18 of 30

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13752

Medium priority

Some fixes available 18 of 30

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13751

Medium priority

Some fixes available 18 of 30

Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13750

Medium priority

Some fixes available 18 of 30

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13734

Medium priority

Some fixes available 18 of 30

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-19646

Medium priority
Ignored

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected
sqlite3 Not affected Not affected
Show less packages