Sqlite

Sqlite

64 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2017-13685

  • EPSS 0.4%
  • Veröffentlicht 29.08.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.

9.8

CVE-2017-10989

  • EPSS 12.48%
  • Veröffentlicht 07.07.2017 12:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.

5.9

CVE-2016-6153

  • EPSS 0.03%
  • Veröffentlicht 26.09.2016 16:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by levera...

6.8

CVE-2015-6607

  • EPSS 0.4%
  • Veröffentlicht 06.10.2015 17:59:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586.

10

CVE-2015-5895

  • EPSS 19.37%
  • Veröffentlicht 18.09.2015 12:00:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors.

5

CVE-2013-7443

Exploit
  • EPSS 1.27%
  • Veröffentlicht 12.08.2015 14:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

7.5

CVE-2015-3717

  • EPSS 1.86%
  • Veröffentlicht 03.07.2015 02:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

7.5

CVE-2015-3416

  • EPSS 7.53%
  • Veröffentlicht 24.04.2015 17:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-b...

7.5

CVE-2015-3415

  • EPSS 5.65%
  • Veröffentlicht 24.04.2015 17:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact v...

7.5

CVE-2015-3414

  • EPSS 5.65%
  • Veröffentlicht 24.04.2015 17:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other im...