2 matches found
CVE-2026-40285 WeGIA has SQL Injection via Session Variable Override in DespachoControle.php
WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injection vulnerability in dao/memorando/UsuarioDAO.php. The cpfusuario POST parameter overwrites the session-stored user identity via extract$REQUEST in DespachoControle::verificarDespacho, and the...
CVE-2025-38535
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode When transitioning from USBROLEDEVICE to USBROLENONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-on,...