CVE-2017-20265

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comflipwall&task=click&wallid...

EUVD-2017-18992

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comflipwall&task=click&wallid...

CVE-2017-20265

CVE-2017-20265 affects the Joomla! extension Flip Wall (version 8.0). The vulnerability is an SQL injection in the wallid parameter, exploitable via GET requests to index.php with option=com_flipwall&task=click&wallid, allowing unauthenticated attackers to execute arbitrary SQL and potentially ex...

CVE-2017-20265 Joomla! Component Flip Wall 8.0 SQL Injection

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comflipwall&task=click&wallid...

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that is used for processing images. When stbisetflipverticallyonload is set to TRUE, and reqcomp is set to a value that does not match the actual number of components per pixel, the library attempts to flip the image vertically. A specially...

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT, used for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails, it returns a null pointer and may leave the z variable uninitialized. If the caller also sets the vertical flipping flag, the process continues by calling...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/tls: Fixed the reversed sign in calls to tlserrabort. sk-skerr seems to expect a positive value. This convention is not always followed by ktls, which can lead to memory corruption in other code. For example: c kworker...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fixed a null pointer crash in mtkdrmcrtcfinishpageflip. It is possible that mtkcrtc-event is NULL in mtkdrmcrtcfinishpageflip. The pendingneedsvblank value is set by mtkcrtc-event, but in mtkdrmcrtcatomicFlush, it...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm: Do not accidentally unreference the same framebuffer multiple times due to deadlock handling. If a deadlock occurs after the fb lookup in drmmodepageflipioctl, we proceed to unreference the fb and then retry the entire proce...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/gma500: Fixed a bug where a sleeping function called from an invalid context caused errors. The function gmacrtcpageflip held the eventlock spinlock while calling crtcfuncs-modesetbase, which requires the wwmutex. The only...

PT-2026-50942

Name of the Vulnerable Software and Affected Versions Joomla! Component Flip Wall version 8.0 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code through the wallid parameter via GET requests to the 'index.ph...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fixed out-of-bounds accesses in RX fixup The function aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device. Specifically: - The metadata array...

EUVD-2026-30013

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vrr: Configure VRR timings after enabling TRANSDDIFUNCCTL Apparently ICL may hang with an MCE if we write TRANSVRRVMAX/FLIPLINE before enabling TRANSDDIFUNCCTL. Personally I was only able to reproduce a hang on an Dell X...

CVE-2026-43299

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flips RO this part is expected, although the ENOSPC bug still needs to be...

UBUNTU-CVE-2026-43299

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flips RO this part is expected, although the ENOSPC bug still needs to be...

CVE-2026-43299

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flips RO this part is expected, although the ENOSPC bug still needs to be...

Linux Distros Unpatched Vulnerability : CVE-2026-43299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flip...

PT-2026-38941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug exists in the Btrfs file system where the kernel may crash if the file system switches to read-only RO mode during a read-repair operation. This occurs when a critical error, such ...

PT-2026-37175

Name of the Vulnerable Software and Affected Versions nova-toggle-5 versions prior to 1.3.0 Description The toggle endpoint "POST /nova-vendor/nova-toggle/toggle/resource/resourceId" was protected only by web and auth: middleware. This allowed any user authenticated on the configured guard to fli...

Bit-Flip Vulnerability of Shared KV-Cache Blocks in LLM Serving Systems

Rowhammer on GPU DRAM has enabled adversarial bit flips in model weights; shared KV-cache blocks in LLM serving systems present an analogous but previously unexamined target. In vLLM's Prefix Caching, these blocks exist as a single physical copy without integrity protection. Using software fault...