Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: Fixed incorrect parameter order in functions pciprimary/epcepfunlink and pcisecondary/epcepfunlink. The callbacks for struct configfsitemoperations are defined as follows: c int allowlinkstruct configitem src, stru...

SUSE CVE-2026-43200

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix swapped parameters in pciprimary/secondaryepcepfunlink functions struct configfsitemoperations callbacks are defined like the following: int allowlinkstruct configitem src, struct configitem target; void...

PT-2026-37540

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PCI endpoint component where the pci primary epc epf unlink and pci secondary epc epf unlink functions specify parameters in the wrong order. This contradicts the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect parameter order in the functions pciprimaryepcepfunlink and pcisecondaryepcepfunlink...

OpenClaw: Voice-call Plivo V3 webhook replay key uses unsorted URL, allowing replay via query-parameter reordering

Summary Plivo V3 signature verification canonicalized query ordering, but replay detection hashed the raw verification URL. Reordering query parameters preserved a valid signature while producing a fresh replay-cache key. Impact An attacker who captured one valid signed Plivo V3 webhook could...

ruoyi-go 安全漏洞

ruoyi-go is a backend management system for individual developers at lostvip.com. A security vulnerability exists in ruoyi-go 2.1 and earlier versions, which stems from SQL injection due to incorrect manipulation of the parameter orderByColumn/isAsc in the file modules/system/systemrouter.go...

spring-boot-admin 注入漏洞

spring-boot-admin is a codecentric open source based on Spring boot Mybatis open source backend management system , with user management , menu management and role management 3 functions , permission control to the button level . spring-boot-admin version 1.0 there are injection vulnerabilities ,...

CVE-2025-0344

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...

cy-fast 注入漏洞

cy-fast is a SpringBoot based rapid development framework by chenyi personal developer. An injection vulnerability exists in cy-fast version 1.0, which is caused by SQL injection in the parameter order...

cy-fast 注入漏洞

cy-fast is a SpringBoot based rapid development framework by chenyi personal developer. An injection vulnerability exists in cy-fast version 1.0, which is caused by SQL injection in the parameter order...

cy-fast 注入漏洞

cy-fast is a SpringBoot based rapid development framework by chenyi personal developer. An injection vulnerability exists in cy-fast version 1.0, which is caused by SQL injection in the parameter order...

cy-fast SQL注入漏洞

cy-fast is a SpringBoot based rapid development framework by chenyi personal developer. A security vulnerability exists in cy-fast version 1.0, which is caused by a SQL injection in the parameter order...

TECNO TR118 SQL注入漏洞

The TECNO TR118 is a portable 4G WiFi from China's Transocean TECNO. A SQL injection vulnerability exists in TECNO TR118 version V008-20220830, which stems from the fact that incorrect operation of the parameter orderby can lead to sql injection...

Simple Food Ordering System 跨站脚本漏洞

Simple Food Ordering System is a simple food ordering system by the individual developer Carlo Montero. A cross-site scripting vulnerability exists in Simple Food Ordering System version 1.0, which stems from cross-site scripting due to misuse of the parameter order...

Incorrect shift in assembly

Lines of code Vulnerability details Impact Shift operators shlx, y, shrx, y, sarx, y in Solidity assembly apply the shift operation of x bits on y and not the other way around, which may be confusing. Check if the values in a shift operation are reversed. Proof of Concept File: Drips.sol 823: val...

Upgraded Q -> M from #348 [1668468155840]

Judge has assessed an item in Issue 348 as M risk. The relevant finding follows: L01 Wrong parameter order inside beforeTokenTransfer in LBtoken::burn call should be beforeTokenTransferaccount, address0, id, amount; --- The text was updated successfully, but these errors were encountered: All...

IBAX go-ibax SQL注入漏洞

IBAX go-ibax is a blockchain system platform from IBAX Corporation. IBAX go-ibax suffers from a SQL injection vulnerability that stems from some unknown functionality in file/api/v2/open/rowsInfo, where manipulation of the parameter order leads to SQL injection...

CVE-2020-9268

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nomcreateur&by= substring...