1854 matches found
MAL-2026-2095 Malicious code in pulse-shop-section (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9973ec50205f8457c7d27feb3e60011e3fe79d4e0d1b7cbeaa30bc38e98e9d95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2093 Malicious code in pulse-rsvp-card-entity (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d02d6daeedd5d906c300edc9ce1c430366876726cb5f6c69156b785a38713ad1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview pulse-feature-flag is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in pulse-feature-flag (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fad1549c9f60719931f740e56bfa68762b93275b97574f4d8d2c08aeedc71344 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2092 Malicious code in pulse-feature-flag (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fad1549c9f60719931f740e56bfa68762b93275b97574f4d8d2c08aeedc71344 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network VPN clients distributed through search engine optimization SEO poisoning techniques. "The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on...
PT-2026-24932
A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwav read pcm frames s16 msadpcm in the library src/audiosource/wav/dr wav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The...
Energy-Time Attack on Detectors in Quantum Key Distribution
Quantum key distribution is unbreakable in theory but may be hacked via imperfections in its hardware implementations. While many imperfections have been mitigated by countermeasures and advanced security proofs, several remain unsolved. One of these is a superlinear behaviour in single-photon...
Malicious Package
Overview finn-pulse-init is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service
A flaw was found in the ALSA USB audio driver of the Linux kernel. This vulnerability, a buffer overflow, occurs when the size of the Pulse-Code Modulation PCM stream data packets exceeds the maximum allowed by the USB descriptor. A local attacker could exploit this by providing specially crafted...
kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service
A flaw was found in the ALSA USB audio driver of the Linux kernel. This vulnerability, a buffer overflow, occurs when the size of the Pulse-Code Modulation PCM stream data packets exceeds the maximum allowed by the USB descriptor. A local attacker could exploit this by providing specially crafted...
CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...
CVE-2026-24790
Technical details about CVE-2026-24790 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller 访问控制错误漏洞
The Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller is an industrial natural gas odorization system developed by the American company Welker. This system has a security vulnerability known as access control errors. The vulnerability stems from insufficient protective measures or...
USN-8033-7: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller
RISK EVALUATION Successful exploitation of this vulnerability could result in an over- or under-odorization event. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
Smoothwall Express 跨站脚本漏洞
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the modem.cgi script for INIT, HANGUP, SPEAKERON, SPEAKEROFF, TONEDIAL and PULSEDIAL parameters of the user-supplied data...
UBUNTU-CVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...
CVE-2026-23190
Mode C: CVE-2026-23190 affects the Linux kernel ASoC/amd driver; the issue is a memory leak in acp3x PDM DMA ops. Public advisories (Mageia, SUSE/OpenSUSE, Oracle Linux, Debian) confirm upstream fix in kernel. Remediation is applying the upstream patch (memory leak in acp3x pdm dma ops) or upgrad...