Published: 27/06/2020 Updated: 12/05/2022

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

In SQLite prior to 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sqlite sqlite
canonical ubuntu linux 20.04
apple iphone os
apple watchos
apple icloud
apple tvos
apple ipados
apple macos
oracle outside in technology 8.5.4
oracle outside in technology 8.5.5
oracle hyperion infrastructure technology 11.1.2.4
oracle enterprise manager ops center 12.4.0.0
oracle communications network charging and control 12.0.2
oracle mysql
oracle communications network charging and control 6.0.1
oracle communications messaging server 8.1
oracle communications cloud native core policy 1.14.0
siemens sinec infrastructure network services

Synopsis Moderate: OpenShift Container Platform 4103 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4103 is now available withupdates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact of ...

Synopsis Important: Service Telemetry Framework 14 security update Type/Severity Security Advisory: Important Topic An update is now available for Service Telemetry Framework 14 for RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...

Hi, everyone! We've just released Chrome 86 (860424099) for Android: it'll become available on Google Play over the next few weeksThis release includes Security, stability and performance improvements You can see a full list of the changes in the Git log If you find a new issue, please let us know by filing a bugSecurity ...

Critical Infrastructure Sectors: Critical Manufacturing

Critical Infrastructure Sectors: Energy

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 1101 <!--X-Subject-Header-End-- ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 70  <!--X-H ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 <!--X-Subject-Header-E ...

CWE-787 https://www.sqlite.org/src/info/10fa79d00f8091e5 https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2 https://www.sqlite.org/src/tktview?name=8f157e8010 https://security.netapp.com/advisory/ntap-20200709-0001/https://security.gentoo.org/glsa/202007-26 https://usn.ubuntu.com/4438-1/https://www.oracle.com/security-alerts/cpuoct2020.html https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT211844 https://support.apple.com/kb/HT211850 https://support.apple.com/kb/HT211843 https://support.apple.com/kb/HT211847 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/22 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Dec/32 https://www.oracle.com/security-alerts/cpujan2021.html https://support.apple.com/kb/HT212147 http://seclists.org/fulldisclosure/2021/Feb/14 https://www.oracle.com/security-alerts/cpuApr2021.html https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://www.oracle.com/security-alerts/cpuapr2022.html https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2022:0056 https://www.cisa.gov/uscert/ics/advisories/icsa-22-069-09 https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10

CVE-2020-15358

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect