Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

31 – 40 of 78 results

CVE-2019-19959

Medium priority

Some fixes available 2 of 3

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Fixed Not affected
Show less packages

CVE-2019-20218

Low priority

Some fixes available 3 of 4

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-19925

Medium priority

Some fixes available 2 of 3

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Fixed Not affected
Show less packages

CVE-2019-19924

Medium priority

Some fixes available 1 of 2

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2019-19923

Medium priority

Some fixes available 2 of 3

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Fixed Not affected
Show less packages

CVE-2019-19926

Medium priority

Some fixes available 4 of 5

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Fixed Fixed
Show less packages

CVE-2019-19880

Medium priority

Some fixes available 1 of 2

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

1 affected packages

sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sqlite3 Not affected Not affected
Show less packages

CVE-2019-13753

Medium priority

Some fixes available 17 of 29

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13752

Medium priority

Some fixes available 17 of 29

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13751

Medium priority

Some fixes available 17 of 29

Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

3 affected packages

chromium-browser, sqlite, sqlite3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed Fixed Fixed Fixed
sqlite Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sqlite3 Not affected Not affected Not affected Fixed Fixed
Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON