Search CVE reports

Toggle filters

41 – 50 of 83 results

CVE-2019-19923

Medium priority

Some fixes available 2 of 3

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Fixed
Show less packages

CVE-2019-19926

Medium priority

Some fixes available 4 of 5

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Not affected Fixed
Show less packages

CVE-2019-19880

Medium priority

Some fixes available 1 of 2

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Not affected
Show less packages

CVE-2019-13753

Medium priority

Some fixes available 20 of 32

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

sqlite, sqlite3, chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed
chromium-browser Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-13752

Medium priority

Some fixes available 20 of 32

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

sqlite, chromium-browser, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation
chromium-browser Fixed Fixed Fixed Fixed
sqlite3 Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-13751

Medium priority

Some fixes available 20 of 32

Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-13750

Medium priority

Some fixes available 20 of 32

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

3 affected packages

chromium-browser, sqlite3, sqlite

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed Fixed Fixed Fixed
sqlite3 Not affected Not affected Not affected Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-13734

Medium priority

Some fixes available 20 of 32

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-19646

Medium priority
Ignored

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not affected
sqlite3 Not affected
Show less packages

CVE-2019-19603

Low priority

Some fixes available 1 of 5

SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not affected Not affected
sqlite3 Not affected Ignored
Show less packages
  1. Previous page
  2. 3
  3. 4
  4. 5
  5. 6
  6. 7
  7. Next page
Export to JSON