Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

CVE-2026-2592

The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...

Input: ti_am335x_tsc - fix off-by-one error in wire_order validation

...

CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

UBUNTU-CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

CVE-2025-68777

CVE-2025-68777 in the Linux kernel affects the ti_am335x_tsc driver. The validation for wire_order uses the condition wire_order[i] > ARRAY_SIZE(config_pins), which permits wire_order[i] to equal ARRAY_SIZE(config_pins) and can trigger an out-of-bounds access when indexing config_pins[wire_ord...

CVE-2025-68777 Input: ti_am335x_tsc - fix off-by-one error in wire_order validation

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates from a worse-than-one error in the wireorder validation in the tiam335xtsc driver, which could lead to...

PT-2026-2509

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to an off-by-one error in the validation of the wire order variable. The initial validation check, wire orderi ARRAY SIZEconfig pins, permitted...

EUVD-2009-4734

Malware in sbrugna...

EUVD-2024-45801

Malicious code in bioql PyPI...

OESA-2025-2327 openssl security update

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. The project i...

OESA-2025-2325 openssl security update

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. The project i...

OESA-2025-2326 openssl security update

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. The project i...

CVE-2019-14979

cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the...

DEBIAN-CVE-2022-49894

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devmcxladdregion: cxlacpi cxlacpi.0:...

Cart Manipulation

sylius/paypal-plugin is vulnerable to cart manipulation. The vulnerability is due to improper order validation and enforcement after PayPal payment authorization, allowing users to alter their cart contents before finalizing the order...

Malicious code in limit-order-validation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ad6cba9faf323fb0ffae19f703ba40944f39673b2e8803037d19ff0990671f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2229 Malicious code in limit-order-validation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ad6cba9faf323fb0ffae19f703ba40944f39673b2e8803037d19ff0990671f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...