Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2024-0232	Use After Free vulnerability in multiple products A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. local low complexity sqlite redhat fedoraproject CWE-416	5.5
2022-02-14	CVE-2021-45346	Memory Leak vulnerability in multiple products A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. network low complexity sqlite netapp CWE-401	4.3
2021-03-23	CVE-2021-20227	Use After Free vulnerability in multiple products A flaw was found in SQLite's SELECT query functionality (src/select.c). local low complexity sqlite oracle CWE-416	5.5
2020-05-27	CVE-2020-13632	NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. local low complexity sqlite fedoraproject canonical netapp brocade debian siemens oracle CWE-476	5.5
2020-05-27	CVE-2020-13631	SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. local low complexity sqlite fedoraproject canonical netapp brocade siemens apple oracle	5.5
2020-05-24	CVE-2020-13435	NULL Pointer Dereference vulnerability in multiple products SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. local low complexity sqlite fedoraproject CWE-476	5.5
2020-05-24	CVE-2020-13434	Integer Overflow or Wraparound vulnerability in multiple products SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. local low complexity sqlite debian fedoraproject canonical freebsd oracle apple CWE-190	5.5
2020-04-09	CVE-2020-11655	Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. network low complexity sqlite netapp debian canonical oracle siemens tenable CWE-665	5.0
2020-02-21	CVE-2020-9327	NULL Pointer Dereference vulnerability in multiple products In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. network low complexity sqlite netapp canonical siemens oracle CWE-476	5.0
2020-01-03	CVE-2019-19959	ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. network low complexity sqlite canonical	5.0