Sqlite : Security Vulnerabilities, CVEs, Published In 2015
SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586.
Max CVSS
6.8
EPSS Score
0.35%
Published
2015-10-06
Updated
2017-03-25
Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
3.33%
Published
2015-09-18
Updated
2016-12-22
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.5
EPSS Score
8.03%
Published
2015-07-03
Updated
2020-11-20
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
Max CVSS
7.5
EPSS Score
0.52%
Published
2015-04-24
Updated
2022-08-16
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
Max CVSS
7.5
EPSS Score
0.83%
Published
2015-04-24
Updated
2022-08-16
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.
Max CVSS
7.5
EPSS Score
0.83%
Published
2015-04-24
Updated
2022-08-16
Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.
Max CVSS
5.0
EPSS Score
7.90%
Published
2015-08-12
Updated
2016-11-28
7 vulnerabilities found