Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sqlite vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-45346
A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a maliciou...
Sqlite Sqlite 3.35.1
Sqlite Sqlite 3.37.0
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
NA
CVE-2015-5895
Multiple unspecified vulnerabilities in SQLite prior to 3.8.10.2, as used in Apple iOS prior to 9, have unknown impact and attack vectors.
Sqlite Sqlite
1 EDB exploit
NA
CVE-2015-6607
SQLite prior to 3.8.9, as used in Android prior to 5.1.1 LMY48T, allows malicious users to gain privileges via a crafted application, aka internal bug 20099586.
Sqlite Sqlite
9.8
CVSSv3
CVE-2017-10989
The getNodeSize function in ext/rtree/rtree.c in SQLite up to and including 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
Sqlite Sqlite
7.3
CVSSv3
CVE-2022-46908
SQLite up to and including 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
Sqlite Sqlite
7.5
CVSSv3
CVE-2020-35525
In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.
Sqlite Sqlite 3.31.1
7.5
CVSSv3
CVE-2017-15286
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.
Sqlite Sqlite 3.20.1
7.5
CVSSv3
CVE-2021-31239
An issue found in SQLite SQLite3 v.3.35.4 that allows a remote malicious user to cause a denial of service via the appendvfs.c function.
Sqlite Sqlite 3.35.4
7.5
CVSSv3
CVE-2019-9936
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.
Sqlite Sqlite 3.27.2
7.5
CVSSv3
CVE-2019-9937
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.
Sqlite Sqlite 3.27.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »