Search CVE reports


Toggle filters

41 – 50 of 74 results


CVE-2019-19603

Low priority

Some fixes available 1 of 5

SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Not affected Ignored Ignored
Show less packages

CVE-2019-19645

Low priority

Some fixes available 1 of 5

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Not affected Ignored Ignored
Show less packages

CVE-2019-19317

Medium priority
Not affected

lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2019-19242

Low priority
Fixed

SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2019-19244

Medium priority
Fixed

sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite Not affected Not affected
sqlite3 Not affected Not affected
Show less packages

CVE-2019-16168

Low priority
Fixed

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Fixed Fixed
Show less packages

CVE-2019-5827

Low priority

Some fixes available 6 of 20

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected Not affected Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-8457

Medium priority

Some fixes available 32 of 61

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

5 affected packages

chromium, db5.3, qtwebengine-opensource-src, sqlcipher, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium Not in release Not in release Not in release Not in release Not in release
db5.3 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
sqlcipher Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
sqlite3 Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-5018

Low priority
Fixed

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution....

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2018-20506

Medium priority
Fixed

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing...

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Fixed Fixed
Show less packages