Search CVE reports


Toggle filters

21 – 30 of 81 results


CVE-2020-9794

Medium priority
Vulnerable

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud...

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Not affected Not affected Not affected
sqlite3 Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-9327

Medium priority
Fixed

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

1 affected package

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Fixed
Show less packages

CVE-2020-35527

Medium priority

Some fixes available 1 of 4

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not affected Not affected Not affected
sqlite3 Not affected Fixed Ignored
Show less packages

CVE-2020-35525

Medium priority

Some fixes available 4 of 5

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Not affected Not affected Not affected
sqlite3 Not affected Not affected Fixed Fixed
Show less packages

CVE-2020-24736

Medium priority
Needs evaluation

Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-15358

Medium priority

Some fixes available 1 of 2

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not affected Not affected
sqlite3 Fixed Not affected
Show less packages

CVE-2020-13871

Medium priority
Not affected

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Not affected Not affected
sqlite3 Not affected Not affected
Show less packages

CVE-2020-13632

Medium priority
Fixed

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

2 affected packages

sqlite3, sqlite

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Fixed Fixed
sqlite Not affected Not affected
Show less packages

CVE-2020-13631

Low priority

Some fixes available 2 of 10

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.

2 affected packages

sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite Ignored Ignored
sqlite3 Fixed Ignored
Show less packages

CVE-2020-13630

Medium priority
Fixed

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

2 affected packages

sqlite3, sqlite

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sqlite3 Fixed Fixed
sqlite Not affected Not affected
Show less packages