In SQLite DBMS
A specially crafted SQL SELECT query can result in a use-after-free memory area being accessed, which can potentially be used to create an exploit to execute your code in the context of an application using SQLite. The vulnerability can be exploited if the application allows the transfer of SQL constructs from outside to SQLite.
For example, a potential attack could be made on the Chrome browser and applications using the Chromium engine, since the WebSQL API is implemented on top of SQLite and accesses this DBMS to process SQL queries from web applications. To attack, it is enough to create a page with malicious JavaScript code and get the user to open it in a browser based on the Chromium engine.
Source: opennet.ru