Search CVE reports
41 – 50 of 81 results
Some fixes available 1 of 2
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
1 affected package
sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite3 | — | — | — | Not affected |
Some fixes available 19 of 31
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
3 affected packages
sqlite, sqlite3, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| sqlite3 | Not affected | Not affected | Not affected | Fixed |
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
Some fixes available 19 of 31
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
3 affected packages
sqlite, chromium-browser, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| sqlite3 | Not affected | Not affected | Not affected | Fixed |
Some fixes available 19 of 31
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
3 affected packages
chromium-browser, sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| sqlite3 | Not affected | Not affected | Not affected | Fixed |
Some fixes available 19 of 31
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.
3 affected packages
chromium-browser, sqlite3, sqlite
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| sqlite3 | Not affected | Not affected | Not affected | Fixed |
| sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 19 of 31
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
3 affected packages
chromium-browser, sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| sqlite3 | Not affected | Not affected | Not affected | Fixed |
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite | — | — | — | Not affected |
| sqlite3 | — | — | — | Not affected |
Some fixes available 1 of 5
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite | — | — | Not affected | Not affected |
| sqlite3 | — | — | Not affected | Ignored |
Some fixes available 1 of 5
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
2 affected packages
sqlite3, sqlite
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite3 | — | — | Not affected | Ignored |
| sqlite | — | — | Not affected | Not affected |
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
1 affected package
sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite3 | — | — | — | Not affected |