Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sqlite sqlite vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6593
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and previous versions allows remote malicious users to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Lightneasy Lightneasy 1.2.2
Sqlite Sqlite 1.2.2
1 EDB exploit
5
CVSSv2
CVE-2018-8740
In SQLite up to and including 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.
Sqlite Sqlite
Debian Debian Linux 8.0
5 Github repositories
NA
CVE-2023-7104
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recom...
Sqlite Sqlite
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv2
CVE-2015-3717
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS prior to 8.4 and OS X prior to 10.10.4, allow remote malicious users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Sqlite Sqlite
Apple Mac Os X
Apple Iphone Os
NA
CVE-2020-35527
In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.
Sqlite Sqlite 3.31.1
Netapp Ontap Select Deploy Administration Utility -
5
CVSSv2
CVE-2013-7443
Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote malicious users to cause a denial of service (crash) via crafted SQL statements.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Sqlite Sqlite 3.8.2
5
CVSSv2
CVE-2019-19959
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.
Sqlite Sqlite 3.30.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
NA
CVE-2022-35737
SQLite 1.0.12 up to and including 3.39.x prior to 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
Sqlite Sqlite
Netapp Ontap Select Deploy Administration Utility -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
1 Article
5
CVSSv2
CVE-2018-20505
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote malicious users to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
Sqlite Sqlite
Apple Mac Os X
Apple Iphone Os
Apple Watchos
Apple Icloud
Apple Itunes
1 Github repository
5
CVSSv2
CVE-2019-19924
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
Sqlite Sqlite 3.30.1
Siemens Sinec Infrastructure Network Services
Apache Bookkeeper 4.12.1
Oracle Mysql Workbench
Netapp Cloud Backup -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »