PT-2025-38749

Name of the Vulnerable Software and Affected Versions Sound4 PULSE-ECO AES67 version 1.22 Description The web-based management interface is susceptible to Remote Code Execution RCE through a malicious firmware update package. The system does not properly validate the integrity of the manual.sh...

CVE-2025-57431

The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and...

Design/Logic Flaw

When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox 103...

CVE-2022-36315

When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox 103...

Security Vulnerabilities fixed in Firefox 103 — Mozilla

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.Th...

The vulnerability of the SCADA system “KRUG-2000” software, related to insufficient verification of script integrity, allows a perpetrator to trigger a service failure.

The vulnerability of the SCADA system “KRUG-2000” software is related to insufficient verification of the integrity of scripts. Exploiting this vulnerability can allow an intruder to cause a service failure...