Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sqlite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-20223
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
1 Article
7.5
CVSSv2
CVE-2015-7036
The fts3_tokenizer function in SQLite, as used in Apple iOS prior to 8.4 and OS X prior to 10.10.4, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in...
Apple Mac Os X
Apple Iphone Os
1 Article
7.5
CVSSv2
CVE-2016-10554
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses...
Sequelizejs Sequelize 1.7.0
Sequelizejs Sequelize
6.5
CVSSv2
CVE-2022-24854
Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called `ATTACH DATABASE`, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, ...
Metabase Metabase
4.3
CVSSv2
CVE-2019-13753
Out of bounds read in SQLite in Google Chrome before 79.0.3945.79 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Scientific Computing 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2019-13752
Out of bounds read in SQLite in Google Chrome before 79.0.3945.79 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Scientific Computing 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
5
CVSSv2
CVE-2018-6976
The VMware Content Locker for iOS before 4.14 contains a data protection vulnerability in the SQLite database. This vulnerability relates to unencrypted filenames and associated metadata in SQLite database for the Content Locker.
Vmware Workspace One
7.5
CVSSv2
CVE-2021-37832
A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter.
Digitaldruid Hoteldruid 3.0.2
2 Github repositories
6.8
CVSSv2
CVE-2021-30569
Use after free in sqlite in Google Chrome before 92.0.4515.107 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.3
CVSSv2
CVE-2018-17197
A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.
Apache Tika
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »