VDB

GCVE-110-NCSC-2025-382

GCVE-110-NCSC-2025-382
Advisory PublishedCVSS 5.3/10
Vulnetix · Advisory published December 9, 2025
A NULL pointer dereference vulnerability in SQLite 3.31.1 can cause out-of-memory errors during INTERSECT query processing, potentially leading to Denial of Service attacks in affected NetApp products.

Weaknesses (CWE)

CWE-271Privilege Dropping / Lowering ErrorsCWE-20Improper Input ValidationCWE-400Uncontrolled Resource ConsumptionCWE-358Improperly Implemented Security Check for StandardCWE-787Out-of-bounds WriteCWE-126Buffer Over-readCWE-476NULL Pointer DereferenceCWE-327Use of a Broken or Risky Cryptographic AlgorithmCWE-770Allocation of Resources Without Limits or ThrottlingCWE-835Loop with Unreachable Exit Condition ('Infinite Loop')CWE-863Incorrect AuthorizationCWE-203Observable DiscrepancyCWE-416Use After FreeCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-862Missing AuthorizationCWE-909Missing Initialization of ResourceCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-212Improper Removal of Sensitive Information Before Storage or TransferCWE-681Incorrect Conversion between Numeric TypesCWE-667Improper LockingCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-763Release of Invalid Pointer or ReferenceCWE-129Improper Validation of Array IndexCWE-415Double FreeCWE-141Improper Neutralization of Parameter/Argument DelimitersCWE-319Cleartext Transmission of Sensitive InformationCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-294Authentication Bypass by Capture-replayCWE-306Missing Authentication for Critical FunctionCWE-287Improper AuthenticationCWE-276Incorrect Default PermissionsCWE-347Improper Verification of Cryptographic SignatureCWE-311Missing Encryption of Sensitive DataCWE-125Out-of-bounds ReadCWE-384Session FixationCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')CWE-414Missing Lock CheckCWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-303Incorrect Implementation of Authentication AlgorithmCWE-440Expected Behavior ViolationCWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CWE-121Stack-based Buffer OverflowCWE-352Cross-Site Request Forgery (CSRF)CWE-732Incorrect Permission Assignment for Critical ResourceCWE-201Insertion of Sensitive Information Into Sent DataCWE-1333Inefficient Regular Expression ComplexityCWE-502Deserialization of Untrusted DataCWE-1287Improper Validation of Specified Type of InputCWE-407Inefficient Algorithmic ComplexityCWE-268Privilege ChainingCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-754Improper Check for Unusual or Exceptional ConditionsCWE-340Generation of Predictable Numbers or IdentifiersCWE-295Improper Certificate ValidationCWE-204Observable Response DiscrepancyCWE-940Improper Verification of Source of a Communication ChannelCWE-285Improper AuthorizationCWE-798Use of Hard-coded CredentialsCWE-284Improper Access ControlCWE-288Authentication Bypass Using an Alternate Path or ChannelCWE-122Heap-based Buffer Overflow

Risk Scores

CVSS 3.0
5.3/10
Medium · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersionsPlatforms
Siemensvers:unknown/*

Aliases

CVE-2018-1000876CVE-2018-12934CVE-2018-7169CVE-2018-9234CVE-2019-12900CVE-2019-14866CVE-2019-9893CVE-2020-12762CVE-2020-21047CVE-2020-22217CVE-2020-35525CVE-2021-35550CVE-2021-35556CVE-2021-35559CVE-2021-35561CVE-2021-35564CVE-2021-35565CVE-2021-35567CVE-2021-35578CVE-2021-35586CVE-2021-35588CVE-2021-35603CVE-2021-36084CVE-2021-36085CVE-2021-36086CVE-2021-36087CVE-2021-38185CVE-2021-47358CVE-2021-47361CVE-2022-0435CVE-2022-0492CVE-2022-0847CVE-2022-0850CVE-2022-1353CVE-2022-1734CVE-2022-20141CVE-2022-23039CVE-2022-23040CVE-2022-24958CVE-2022-2639CVE-2022-27223CVE-2022-28390CVE-2022-2964CVE-2022-29872CVE-2022-29873CVE-2022-29874CVE-2022-29876CVE-2022-29878CVE-2022-29879CVE-2022-29880CVE-2022-29881CVE-2022-29882CVE-2022-29883CVE-2022-30594CVE-2022-31807CVE-2022-3424CVE-2022-34903CVE-2022-36123CVE-2022-37032CVE-2022-37434CVE-2022-40226CVE-2022-41665CVE-2022-41858CVE-2022-43439CVE-2022-48624CVE-2022-48626CVE-2022-48919CVE-2022-48926CVE-2022-48948CVE-2022-48951CVE-2022-48960CVE-2022-48962CVE-2022-48966CVE-2022-48967CVE-2022-49058CVE-2023-27043CVE-2023-28322CVE-2023-29383CVE-2023-29491CVE-2023-30901CVE-2023-31238CVE-2023-41358CVE-2023-46218CVE-2023-4641CVE-2023-46753CVE-2023-47234CVE-2024-0397CVE-2024-11053CVE-2024-11168CVE-2024-12133CVE-2024-12243CVE-2024-28085CVE-2024-32487CVE-2024-47875CVE-2024-50602CVE-2024-52533CVE-2024-5642CVE-2024-56835CVE-2024-56836CVE-2024-56837CVE-2024-56838CVE-2024-56839CVE-2024-56840CVE-2024-6232CVE-2024-6923CVE-2024-7592CVE-2025-0938CVE-2025-10148CVE-2025-2783CVE-2025-40800CVE-2025-40801CVE-2025-40806CVE-2025-40807CVE-2025-40818CVE-2025-40819CVE-2025-40820CVE-2025-40830CVE-2025-40831CVE-2025-40935CVE-2025-40938CVE-2025-40939CVE-2025-40940CVE-2025-40941CVE-2025-59392

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›