22 matches found
CVE-2026-31602 ALSA: ctxfi: Limit PTP to a single page
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...
PT-2026-34954
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA ctxfi component where the ct vm map function always uses Page Table Entries PTEs in vm-ptp0.area regardless of the CT PTP NUM value. On AMD64 systems, a singl...
EUVD-2025-204678
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...
CVE-2025-15002
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...
CVE-2025-15002
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...
CVE-2025-15002
SeaCMS up to version 13.3 contains a SQL injection flaw in an unknown function of js/player/dmplayer/dmku/class/mysqli.class.php, triggered by manipulating the page/limit argument. The vulnerability can be exploited remotely and exploits have been disclosed publicly. Public sources consistently r...
CVE-2025-15002 SeaCMS mysqli.class.php sql injection
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...
CVE-2025-15002 SeaCMS mysqli.class.php sql injection
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...
PT-2025-52613
Name of the Vulnerable Software and Affected Versions SeaCMS versions prior to 13.4 Description A flaw exists in SeaCMS that allows for SQL injection. The issue is located in an unknown function within the js/player/dmplayer/dmku/class/mysqli.class.php file. Manipulation of the page/limit argumen...
CLSA-2025-1765377802 poppler: Fix of CVE-2025-52886
CVE-2025-52886: limit amount of annotations per page/document to mitigate out-of-memory...
Linux Distros Unpatched Vulnerability : CVE-2018-5690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb...
kernel: udmabuf: fix a buf size overflow issue during udmabuf creation
A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...
kernel: udmabuf: fix a buf size overflow issue during udmabuf creation
A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...
kernel: udmabuf: fix a buf size overflow issue during udmabuf creation
A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...
CVE-2015-9437
The dynamic-widgets plugin before 1.5.11 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=dynwid-config pagelimit parameter...
UBUNTU-CVE-2025-37803
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting sizelimitmb to u64 when calculate pglimit...
DEBIAN-CVE-2024-35841
In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in skmsgfree A splice with MSGSPLICEPAGES will cause tls code to use the tlsswsendmsgsplice path in the TLS sendmsg code to move the user provided pages from the msg into the msgpl. This will loop over the...
SUSE CVE-2013-7106
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long string to the 1 displaynavtable, 2 pagelimitselector, 3 printexportlink, or 4...
kernel: heap buffer overflow in the iSCSI subsystem
A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
CVE-2019-14796
The mq-woocommerce-products-price-bulk-edit aka Woocommerce Products Price Bulk Edit plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=updateoptions showproductspagelimit parameter...