| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-8740 | 5.0 |
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.
|
22-05-2023 - 13:15 | 17-03-2018 - 00:29 | |
| CVE-2019-16168 | 4.3 |
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
|
23-03-2023 - 18:11 | 09-09-2019 - 17:15 | |
| CVE-2019-5827 | 6.8 |
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
29-07-2022 - 17:26 | 27-06-2019 - 17:15 | |
| CVE-2019-5018 | 6.8 |
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send
|
13-06-2022 - 18:42 | 10-05-2019 - 19:29 | |
| CVE-2019-19242 | 4.3 |
SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.
|
19-04-2022 - 15:36 | 27-11-2019 - 17:15 | |
| CVE-2019-19244 | 5.0 |
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
|
15-04-2022 - 16:12 | 25-11-2019 - 20:15 |