| Max CVSS | 6.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-20218 | 5.0 |
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
|
07-10-2022 - 17:56 | 02-01-2020 - 14:16 | |
| CVE-2019-5018 | 6.8 |
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send
|
13-06-2022 - 18:42 | 10-05-2019 - 19:29 | |
| CVE-2020-13631 | 2.1 |
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
|
13-05-2022 - 20:56 | 27-05-2020 - 15:15 | |
| CVE-2020-13632 | 2.1 |
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
|
13-05-2022 - 20:56 | 27-05-2020 - 15:15 | |
| CVE-2020-13630 | 4.4 |
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
|
13-05-2022 - 20:56 | 27-05-2020 - 15:15 | |
| CVE-2020-9327 | 5.0 |
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
|
08-04-2022 - 10:33 | 21-02-2020 - 22:15 | |
| CVE-2019-16168 | 4.3 |
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
|
31-07-2021 - 08:15 | 09-09-2019 - 17:15 | |
| CVE-2020-6405 | 4.3 |
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
17-02-2020 - 12:15 | 11-02-2020 - 15:15 |