26 matches found
CLSA-2025-1754337993 sqlite: Fix of CVE-2025-6965
CVE-2025-6965: fix memory corruption issue caused by a query where the number of aggregate terms could exceed the number of columns available...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
CVE-2025-11763
The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11763
The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...
EUVD-2025-198418
The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11763 Display Pages Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11763 Display Pages Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11763
The WordPress plugin Display Pages Shortcode is vulnerable to Stored XSS through the column_count parameter in the [display-pages] shortcode (versions ≤ 1.1). The flaw arises from insufficient input filtering and output escaping, enabling authenticated attackers with Contributor+ access to inject...
PT-2025-47675
The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column count' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
CLSA-2025-1754340339 sqlite: Fix of CVE-2025-6965
CVE-2025-6965: fix memory corruption issue caused by a query where the number of aggregate terms could exceed the number of columns available...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
SUSE CVE-2025-6965
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above...
CVE-2023-44275
OPNsense before 23.7.5 allows XSS via the index.php columncount parameter to the Lobby Dashboard...
PT-2023-6859 · Opnsense · Opnsense
Name of the Vulnerable Software and Affected Versions: OPNsense versions prior to 23.7.5 Description: The issue is related to the lack of protection of the web page structure in the OPNsense operating system. This can be exploited by a remote attacker to conduct cross-site scripting attacks using...
SUSE CVE-2011-2631
The Cascading Style Sheets CSS implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service infinite repaint loop and application hang via a web page, as demonstrated by an unspecified Wikipedia page...
SUSE CVE-2015-8740
The dissecttds7colmetadatatoken function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a crafted packet...
CVE-2021-38190
An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count...
Design/Logic Flaw
An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count...
DEBIAN-CVE-2015-8740
The dissecttds7colmetadatatoken function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a crafted packet...