Product:

Mysql_workbench

(Oracle)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 42
Date Id Summary Products Score Patch Annotated
2019-12-05 CVE-2019-19317 lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. Cloud_backup, Ontap_select_deploy_administration_utility, Mysql_workbench, Sinec_infrastructure_network_services, Sqlite 9.8
2019-12-09 CVE-2019-19645 alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. Cloud_backup, Ontap_select_deploy_administration_utility, Mysql_workbench, Sinec_infrastructure_network_services, Sqlite, Tenable\.sc 5.5
2019-12-09 CVE-2019-19646 pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. Cloud_backup, Ontap_select_deploy_administration_utility, Mysql_workbench, Sinec_infrastructure_network_services, Sqlite, Tenable\.sc 9.8
2019-12-18 CVE-2019-19880 exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub 7.5
2019-12-23 CVE-2019-19926 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub 7.5
2019-12-24 CVE-2019-19923 flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub 7.5
2019-12-24 CVE-2019-19925 zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub 7.5
2020-04-09 CVE-2020-11655 SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. Ubuntu_linux, Debian_linux, Ontap_select_deploy_administration_utility, Communications_element_manager, Communications_messaging_server, Communications_network_charging_and_control, Communications_session_report_manager, Communications_session_route_manager, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Instantis_enterprisetrack, Mysql, Mysql_workbench, Outside_in_technology, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services, Sqlite, Tenable\.sc 7.5
2020-04-09 CVE-2020-11656 In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. Ontap_select_deploy_administration_utility, Communications_messaging_server, Communications_network_charging_and_control, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Mysql, Mysql_workbench, Outside_in_technology, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services, Sqlite, Tenable\.sc 9.8
2018-10-17 CVE-2018-10933 A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access. Ubuntu_linux, Debian_linux, Libssh, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql_workbench, Enterprise_linux 9.1