from 0
CRITICAL9.8CVE-2025-3277An integer overflow can be triggered in SQLite’s `concat_ws()` function. from 0
CRITICAL9.8CVE-2020-35527In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause. >= 3.31.1, < 3.31.2
CRITICAL9.8In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a comp…
from 0, < 3.31.2
CRITICAL9.1SQLite integer overflow in key info allocation may lead to information disclosure.
>= 3.39.2, < 3.41.2
HIGH7.8SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate
from 0, < 3.53.2
HIGH7.8SQLite before 3.53.2 Memory Corruption in FTS5 Extension
from 0, < 3.53.2
HIGH7.5An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to o…
from 0, < 3.51.1
HIGH7.5In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-alloc…
from 0
HIGH7.5An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.
>= 3.35.4, < 3.35.5
HIGH7.5sqlite3 - security update
>= 3.31.1, < 3.31.2
HIGH7.5`libsqlite3-sys` via C SQLite CVE-2022-35737
>= 1.0.12, < 3.39.2
HIGH7.5sqlite3 - security update
>= 3.36.0, < 3.36.1
HIGH7.5SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
>= 3.32.2, < 3.32.3
HIGH7.5sqlite3 - security update
from 0, < 3.31.2
HIGH7.5In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generate…
>= 3.31.1, < 3.31.2
HIGH7.3SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow
from 0, < 3.43.1
HIGH7.3SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctio…
>= 3.37.0, < 3.40.1
HIGH7.0ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
from 0, < 3.32.0
MEDIUM5.5In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (applica…
>= 3.49.0
MEDIUM5.5Sqlite: use-after-free bug in jsonparseaddnodearray
>= 3.43.0
MEDIUM5.5A flaw was found in SQLite's SELECT query functionality (src/select.c).
>= 3.33.0, < 3.34.1
MEDIUM5.5In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse…
from 0, < 3.32.3
MEDIUM5.5ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
from 0, < 3.32.0
MEDIUM5.5SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
from 0, < 3.32.0
MEDIUM5.5SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
from 0, < 3.32.1
MEDIUM5.5sqlite3 - security update
from 0, < 3.32.1
MEDIUM4.3A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Da…
>= 3.35.1, < 3.35.2, >= 3.37.0, < 3.37.1