CVE-2020-13434

creationtimestamp| type| source ---|---|--- 2026-05-21 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-03...

MiracleLinux 8 : sqlite-3.26.0-13.el8 (AXSA:2021-1806:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1806:01 advisory. sqlite: integer overflow in sqlite3strvappendf function in printf.c CVE-2020-13434 sqlite: heap-based buffer overflow in multiSelectOrderBy due to...

CVE-2025-13434

A weakness has been identified in jameschz Hush Framework 2.0. The impacted element is an unknown function of the file Hush\hush-lib\hush\Util.php of the component HTTP Host Header Handler. This manipulation of the argument $SERVER'HOST' causes improper neutralization of http headers for scriptin...

CVE-2025-13434

creationtimestamp| type| source ---|---|--- 2025-11-20 04:05:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5zvb6cunm2s...

CVE-2024-13434

The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

CVE-2024-13434

creationtimestamp| type| source ---|---|--- 2025-01-17 04:34:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113841828810932968 2025-01-17 04:56:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2095 2025-01-17 05:15:31+00:00| seen|...

CVE-2024-13434

CVE-2024-13434 concerns the WP Inventory Manager WordPress plugin. It allows a Reflected Cross-Site Scripting (XSS) via the user-supplied parameter “message” in all versions up to 2.3.2, caused by insufficient input sanitization and inadequate output escaping. The vulnerability enables unauthenti...

CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting

The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting

The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

K000148486: SQLite vulnerabilities CVE-2020-15358, CVE-2020-13632, CVE-2020-13435, and CVE-2020-13434

Security Advisory Description CVE-2020-15358 In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. CVE-2020-13632 ext/fts3/fts3snippet.c in SQLite before 3.32.0...

CVE-2020-13434 affecting package ceph for versions less than 18.2.1-1

CVE-2020-13434 affecting package ceph for versions less than 18.2.1-1. An upgraded version of the package is available that resolves this issue...

BELL-CVE-2020-13434 CVE-2020-13434 does not affect BellSoft software

Bulletin has no description...

NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2022-0052)

The remote NewStart CGSL host, running version MAIN 6.02, has sqlite packages installed that are affected by multiple vulnerabilities: - SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c. CVE-2020-13434 - In SQLite before 3.32.3, select.c mishandles query-flattener...

AlmaLinux 8 : mingw packages (ALSA-2021:1968)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1968 advisory. - In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz...

AlmaLinux 8 : sqlite (ALSA-2021:1581)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1581 advisory. - SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c. CVE-2020-13434 - In SQLite before 3.32.3, select.c mishandles...

Mageia: Security Advisory (MGASA-2021-0303)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access

Summary Multiple Security vulnerabilities have been fixed in the IBM Security Verify Access product. Vulnerability Details CVEID: CVE-2021-3520 DESCRIPTION: lz4 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted fil...

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1058-1 advisory. - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to...

Huawei EulerOS: Security Advisory for sqlite3 (EulerOS-SA-2021-2169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...