Oracle Mysql Workbench vulnerabilities

CVE-2020-9327 [HIGH] CWE-476 CVE-2020-9327: In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

CVE-2019-20388 [HIGH] CWE-401 CVE-2019-20388: xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

CVE-2020-7595 [HIGH] CWE-835 CVE-2020-7595: xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-fi xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

CVE-2019-20218 [HIGH] CWE-755 CVE-2019-20218: selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.

CVE-2019-19925 [HIGH] CWE-434 CVE-2019-19925: zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

CVE-2019-19923 [HIGH] CWE-476 CVE-2019-19923: flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

CVE-2019-19924 [MEDIUM] CWE-755 CVE-2019-19924: SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

CVE-2019-19926 [HIGH] CVE-2019-19926: multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated b multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

CVE-2019-19880 [HIGH] CWE-476 CVE-2019-19880: exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer deref exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

CVE-2019-14889 [HIGH] CWE-78 CVE-2019-14889: A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8. A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become

CVE-2019-19646 [CRITICAL] CWE-754 CVE-2019-19646: pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certai pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

CVE-2019-19603 [HIGH] CVE-2019-19603: SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an applicatio SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.

CVE-2019-19645 [MEDIUM] CWE-674 CVE-2019-19645: alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.

CVE-2019-19317 [CRITICAL] CWE-681 CVE-2019-19317: lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a genera lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.

CVE-2019-19242 [MEDIUM] CWE-476 CVE-2019-19242: SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarg SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.

CVE-2019-19244 [HIGH] CVE-2019-19244: sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and win sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.

CVE-2019-10219 [MEDIUM] CWE-79 CVE-2019-10219: A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properl A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

CVE-2018-14550 [HIGH] CWE-787 CVE-2018-14550: An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-bas An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.

CVE-2019-1559 [MEDIUM] CWE-203 CVE-2019-1559: If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to sen If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behave

CVE-2018-10933 [CRITICAL] CWE-592 CVE-2018-10933: A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A m A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.