291 matches found
CVE-2026-57783
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in merkulove Speaker speaker allows Stored XSS.This issue affects Speaker: from n/a through = 4.1.13...
CVE-2026-57783
Technical details are not publicly available in the provided documents. Monitor for updates from the vendor or NVD; current references only state a Stored XSS in Speaker
CVE-2026-57783 WordPress Speaker plugin <= 4.1.13 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in merkulove Speaker speaker allows Stored XSS.This issue affects Speaker: from n/a through = 4.1.13...
WordPress Speaker plugin <= 4.1.13 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by w41bu1 in WordPress Plugin Speaker versions = 4.1.13...
MAL-2026-6055 Malicious code in @mastra/node-speaker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d1fc45cd66b93c4e1a83c1743f1ac9ee3ebea854208b1a9cae83ee957ebfd83 @mastra/node-speaker is a PCM audio output library wrapping native mpg123 bindings. Its package.json declares 'easy-day-js' ^1.11.21 as a runtime...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fixed a underflow issue in speakergaincontrolput Checked for negative values of “priv-gain” to prevent out-of-bounds access. The concern is that these values might be provided by the user through: -...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper function to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm. From kcontrol, we will receive a NULL...
UBUNTU-CVE-2026-43478
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...
CVE-2026-43478
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...
PT-2026-40685
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC codecs rt1011 where the rt1011 recv spk mode put function incorrectly attempts to retrieve the DAPM Dynamic Audio Power Management context. Using kcontrol in...
Time-Domain Voice Identity Morphing (TD-VIM): A Signal-Level Approach to Morphing Attacks on Speaker Verification Systems
In biometric systems, it is a common practice to associate each sample or template with a specific individual. Nevertheless, recent studies have demonstrated the feasibility of generating "morphed" biometric samples capable of matching multiple identities. These morph attacks have been recognized...
Scores Know Bobs Voice: Speaker Impersonation Attack
Advances in deep learning have enabled the widespread deployment of speaker recognition systems SRSs, yet they remain vulnerable to score-based impersonation attacks. Existing attacks that operate directly on raw waveforms require a large number of queries due to the difficulty of optimizing in...
📄 WordPress Eventin 4.0.34 Account Takeover
A critical vulnerability exists in the Speaker Management component of the target where an authenticated attacker can intercept the speaker update process and change any speaker's registered email address without proper authorization. This flaw allows the attacker to hijack arbitrary accounts by...
Smoothwall Express 跨站脚本漏洞
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the modem.cgi script for INIT, HANGUP, SPEAKERON, SPEAKEROFF, TONEDIAL and PULSEDIAL parameters of the user-supplied data...
[SECURITY] Fedora 42 Update: rust-speakersafetyd-1.0.2-6.fc42
Speaker protection daemon for embedded Linux systems...
[SECURITY] Fedora 43 Update: rust-speakersafetyd-1.0.2-6.fc43
Speaker protection daemon for embedded Linux systems...
Our PR team awarded me the “The Best Positive Speaker 2025” metal pin for public speaking, articles, and media commentary
Our PR team awarded me the “The Best Positive Speaker 2025” metal pin for public speaking, articles, and media commentary. Huge thanks to my colleagues for this! I’m very pleased. 😇 The collection is growing. 😉 This time, the pin is styled like the Friends sitcom logo. It’s made of metal, coated...
ALGO 8180 IP Audio Alerter security vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a security vulnerability; this vulnerability stems from the web-based user interface, which allows direct requests for URLs, potentially leading to information leakage...
ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from a lack of validation for user input strings in the SAC module, which may lead to remote code...
CVE-2025-62648
The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...