Sqlite

Sqlite

68 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 6.25%
  • Veröffentlicht 22.03.2019 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:37

In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.

Exploit
  • EPSS 9.68%
  • Veröffentlicht 21.12.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:17

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by l...

  • EPSS 8.19%
  • Veröffentlicht 17.03.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:14

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.

Exploit
  • EPSS 2.9%
  • Veröffentlicht 12.10.2017 08:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

  • EPSS 1.83%
  • Veröffentlicht 29.08.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.

  • EPSS 8.61%
  • Veröffentlicht 07.07.2017 12:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.

  • EPSS 0.48%
  • Veröffentlicht 26.09.2016 16:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by levera...

  • EPSS 1.55%
  • Veröffentlicht 06.10.2015 17:59:25
  • Zuletzt bearbeitet 06.05.2026 22:30:45

SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586.

  • EPSS 8.96%
  • Veröffentlicht 18.09.2015 12:00:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors.

Exploit
  • EPSS 3.18%
  • Veröffentlicht 12.08.2015 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.