CVE-2026-10294

CVE-2026-10294 affects PackageKit up to 1.3.5. The vulnerable component is the API function g_file_test in src/pk-transaction.c. Manipulation of the argument frontend-socket leads to improper authorization. The issue can be exploited remotely, and the exploit has been disclosed publicly and may b...

CVE-2026-26063

CediPay is a crypto-to-fiat app for the Ghanaian market. A vulnerability in CediPay prior to version 1.2.3 allows attackers to bypass input validation in the transaction API. The issue has been fixed in version 1.2.3. If upgrading is not immediately possible, restrict API access to trusted networ...

CVE-2026-26063 CediPay Affected by Improper Input Validation in Payment Processing

CediPay is a crypto-to-fiat app for the Ghanaian market. A vulnerability in CediPay prior to version 1.2.3 allows attackers to bypass input validation in the transaction API. The issue has been fixed in version 1.2.3. If upgrading is not immediately possible, restrict API access to trusted networ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993171 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to...

Incorrect Authorization

org.nutz:nutzboot-parent is vulnerable to Incorrect Authorization. The vulnerability is due to inadequate validation of transaction parameters from/to/wei in the Transaction API, which allows an attacker to manipulate requests and perform unauthorized actions remotely...

CVE-2025-13806

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation...

NutzBoot Incorrect Privilege Assignment vulnerability

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation...

CVE-2025-13806

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation...

CVE-2025-13806 nutzam NutzBoot Transaction API EthModule.java improper authorization

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation...

PT-2025-48410

Name of the Vulnerable Software and Affected Versions nutzam NutzBoot versions up to 2.6.0-SNAPSHOT Description A security issue exists in nutzam NutzBoot related to improper authorization within the Transaction API. The issue stems from manipulation of the from, to, and wei arguments in an unkno...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990919)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990919 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to...

CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

UBUNTU-CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

CVE-2023-52923

CVE-2023-52923 — Linux kernel netfilter nf_tables GC transaction API fix . The issue concerns the nf_tables set backend in the Linux kernel, where the GC transaction API replaces the old GC and busy-mark approach. The patch changes: sets the _DEAD bit to hide removed elements instead of removing ...

CVE-2023-52923 netfilter: nf_tables: adapt set backend to use GC transaction API

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

CVE-2023-52923 netfilter: nf_tables: adapt set backend to use GC transaction API

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

PT-2024-31690 · Unknown · Symphony Xts Web Trading Platform

Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading platform version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Transaction module of the vulnerable application. An authenticated remote attacker could exploit this by...