6 matches found
MAL-2025-18698 Malicious code in down-lo-ad-now-zip-mp3-37967-duality-g5efy-wezkck (npm)
The package down-lo-ad-now-zip-mp3-37967-duality-g5efy-wezkck was found to contain malicious code...
Duality on the Thermodynamics of the Kirchhoff-Law-Johnson-Noise (KLJN) Secure Key Exchange Scheme
This study investigates a duality approach to information leak detection in the generalized Kirchhoff-Law-Johnson-Noise secure key exchange scheme proposed by Vadai, Mingesz, and Gingl VMG-KLJN. While previous work by Chamon and Kish sampled voltages at zero-current instances, this research...
Malicious code in AdamsLair.Duality.Editor.Net (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in AdamsLair.Duality.Core (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Dysfunctional CToken._acceptAdmin due to lack of function to assign pendingAdmin
Lines of code Vulnerability details Impact The implementation of CToken in Duality introduced an acceptAdmin function, which presumably should allow changing the admin. However, there does not exist a pairing proposePendingAdmin function that can propose a new pendingAdmin, thus pendingAdmin will...
Race you to the kernel!
Posted by Ian Beer of Google Project Zero The OS X and iOS kernel code responsible for loading a setuid root binary invalidates the old task port after first swapping the new virtual memory map pointer into the old task object, leaving a short race window where you can manipulate the memory of an...