Max CVSS 7.5 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-15358 2.1
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
22-09-2021 - 14:22 27-06-2020 - 12:15
CVE-2020-11656 7.5
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
22-07-2021 - 18:15 09-04-2020 - 03:15
CVE-2020-11655 5.0
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
22-07-2021 - 18:15 09-04-2020 - 03:15
CVE-2020-13631 2.1
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
18-06-2021 - 15:15 27-05-2020 - 15:15
CVE-2020-13871 5.0
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
14-06-2021 - 18:15 06-06-2020 - 16:15
CVE-2020-13434 2.1
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
14-06-2021 - 18:15 24-05-2020 - 22:15
CVE-2020-13435 2.1
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
14-06-2021 - 18:15 24-05-2020 - 22:15
CVE-2020-13630 4.4
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
15-12-2020 - 20:15 27-05-2020 - 15:15
CVE-2019-20218 5.0
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
11-12-2020 - 00:15 02-01-2020 - 14:16
CVE-2020-13632 2.1
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
20-10-2020 - 22:15 27-05-2020 - 15:15
Back to Top Mark selected
Back to Top