Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sqlite sqlite vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-45346
A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a maliciou...
Sqlite Sqlite 3.35.1
Sqlite Sqlite 3.37.0
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
NA
CVE-2015-5895
Multiple unspecified vulnerabilities in SQLite prior to 3.8.10.2, as used in Apple iOS prior to 9, have unknown impact and attack vectors.
Sqlite Sqlite
1 EDB exploit
7.3
CVSSv3
CVE-2022-46908
SQLite up to and including 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
Sqlite Sqlite
NA
CVE-2015-6607
SQLite prior to 3.8.9, as used in Android prior to 5.1.1 LMY48T, allows malicious users to gain privileges via a crafted application, aka internal bug 20099586.
Sqlite Sqlite
9.8
CVSSv3
CVE-2017-10989
The getNodeSize function in ext/rtree/rtree.c in SQLite up to and including 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
Sqlite Sqlite
5.5
CVSSv3
CVE-2017-13685
The dump_callback function in SQLite 3.20.0 allows remote malicious users to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.
Sqlite Sqlite 3.20.0
7.5
CVSSv3
CVE-2020-35525
In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.
Sqlite Sqlite 3.31.1
7.5
CVSSv3
CVE-2019-9936
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.
Sqlite Sqlite 3.27.2
7.5
CVSSv3
CVE-2017-15286
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.
Sqlite Sqlite 3.20.1
7.5
CVSSv3
CVE-2021-31239
An issue found in SQLite SQLite3 v.3.35.4 that allows a remote malicious user to cause a denial of service via the appendvfs.c function.
Sqlite Sqlite 3.35.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »