Sinec Infrastructure Network Services

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-06	CVE-2020-13871	Use After Free vulnerability in multiple products SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. network low complexity sqlite fedoraproject debian oracle siemens netapp CWE-416	7.5
2020-05-27	CVE-2020-13632	NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. local low complexity sqlite fedoraproject canonical netapp brocade debian siemens oracle CWE-476	5.5
2020-05-27	CVE-2020-13631	SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. local low complexity sqlite fedoraproject canonical netapp brocade siemens apple oracle	5.5
2020-05-27	CVE-2020-13630	Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. local high complexity sqlite fedoraproject canonical netapp brocade debian siemens apple oracle CWE-416	7.0
2020-04-09	CVE-2020-11656	Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. network low complexity sqlite netapp oracle siemens tenable CWE-416 critical	9.8
2020-04-09	CVE-2020-11655	Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. network low complexity sqlite netapp debian canonical oracle siemens tenable CWE-665	7.5
2020-02-21	CVE-2020-9327	NULL Pointer Dereference vulnerability in multiple products In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. network low complexity sqlite netapp canonical siemens oracle CWE-476	7.5
2019-12-24	CVE-2019-19925	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-434	7.5
2019-12-24	CVE-2019-19924	Improper Handling of Exceptional Conditions vulnerability in multiple products SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. network low complexity sqlite siemens apache oracle netapp CWE-755	5.3
2019-12-24	CVE-2019-19923	NULL Pointer Dereference vulnerability in multiple products flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-476	7.5