Search CVE reports

Toggle filters

41 – 50 of 84 results

CVE-2019-19924

Medium priority

Some fixes available 1 of 2

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

1 affected package

sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Not affected
Show less packages

CVE-2019-19923

Medium priority

Some fixes available 2 of 3

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

1 affected package

sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Fixed
Show less packages

CVE-2019-19926

Medium priority

Some fixes available 4 of 5

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

1 affected package

sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Not affected Fixed
Show less packages

CVE-2019-19880

Medium priority

Some fixes available 1 of 2

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

1 affected package

sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Not affected
Show less packages

CVE-2019-13753

Medium priority

Some fixes available 21 of 29

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

sqlite, sqlite3, chromium-browser

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Not in release Needs evaluation Ignored Ignored
sqlite3 Not affected Not affected Not affected Not affected Fixed
chromium-browser Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-13752

Medium priority

Some fixes available 21 of 29

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

sqlite, chromium-browser, sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Not in release Needs evaluation Ignored Ignored
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite3 Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-13751

Medium priority

Some fixes available 21 of 29

Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Not in release Needs evaluation Ignored Ignored
sqlite3 Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-13750

Medium priority

Some fixes available 21 of 29

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

3 affected packages

chromium-browser, sqlite3, sqlite

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite3 Not affected Not affected Not affected Not affected Fixed
sqlite Not in release Not in release Needs evaluation Ignored Ignored
Show less packages

CVE-2019-13734

Medium priority

Some fixes available 21 of 29

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Not in release Needs evaluation Ignored Ignored
sqlite3 Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-19646

Medium priority
Ignored

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

2 affected packages

sqlite, sqlite3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not affected
sqlite3 Not affected
Show less packages
  1. Previous page
  2. 3
  3. 4
  4. 5
  5. 6
  6. 7
  7. Next page
Export to JSON