Sqlite

Sqlite

68 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.11%
  • Veröffentlicht 08.07.2026 00:00:00
  • Zuletzt bearbeitet 08.07.2026 20:16:52

An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path

  • EPSS 0.11%
  • Veröffentlicht 08.07.2026 00:00:00
  • Zuletzt bearbeitet 08.07.2026 20:16:51

A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service. The issue occurs when sqli...

  • EPSS 0.18%
  • Veröffentlicht 09.06.2026 19:21:42
  • Zuletzt bearbeitet 11.06.2026 17:12:11

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata...

  • EPSS 0.18%
  • Veröffentlicht 09.06.2026 19:08:31
  • Zuletzt bearbeitet 11.06.2026 17:12:47

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 p...

Exploit
  • EPSS 0.3%
  • Veröffentlicht 12.03.2026 00:00:00
  • Zuletzt bearbeitet 16.04.2026 21:15:47

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.

Exploit
  • EPSS 0.71%
  • Veröffentlicht 08.09.2025 00:00:00
  • Zuletzt bearbeitet 12.09.2025 20:57:24

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc.

  • EPSS 0.23%
  • Veröffentlicht 29.07.2025 12:43:19
  • Zuletzt bearbeitet 11.08.2025 19:11:30

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from proces...

Medienbericht
  • EPSS 73.5%
  • Veröffentlicht 15.07.2025 13:44:00
  • Zuletzt bearbeitet 26.06.2026 16:36:04

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

  • EPSS 0.72%
  • Veröffentlicht 14.04.2025 16:50:48
  • Zuletzt bearbeitet 18.08.2025 21:28:16

An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a...

  • EPSS 0.18%
  • Veröffentlicht 10.04.2025 14:15:27
  • Zuletzt bearbeitet 30.09.2025 16:59:27

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocation...