Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fixed a underflow issue in speakergaincontrolput Checked for negative values of “priv-gain” to prevent out-of-bounds access. The concern is that these values might be provided by the user through: -...

UBUNTU-CVE-2026-43478

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

CVE-2026-43478

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

PT-2026-40685

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC codecs rt1011 where the rt1011 recv spk mode put function incorrectly attempts to retrieve the DAPM Dynamic Audio Power Management context. Using kcontrol in...

Time-Domain Voice Identity Morphing (TD-VIM): A Signal-Level Approach to Morphing Attacks on Speaker Verification Systems

In biometric systems, it is a common practice to associate each sample or template with a specific individual. Nevertheless, recent studies have demonstrated the feasibility of generating "morphed" biometric samples capable of matching multiple identities. These morph attacks have been recognized...

Scores Know Bobs Voice: Speaker Impersonation Attack

Advances in deep learning have enabled the widespread deployment of speaker recognition systems SRSs, yet they remain vulnerable to score-based impersonation attacks. Existing attacks that operate directly on raw waveforms require a large number of queries due to the difficulty of optimizing in...

📄 WordPress Eventin 4.0.34 Account Takeover

A critical vulnerability exists in the Speaker Management component of the target where an authenticated attacker can intercept the speaker update process and change any speaker's registered email address without proper authorization. This flaw allows the attacker to hijack arbitrary accounts by...

Smoothwall Express 跨站脚本漏洞

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the modem.cgi script for INIT, HANGUP, SPEAKERON, SPEAKEROFF, TONEDIAL and PULSEDIAL parameters of the user-supplied data...

[SECURITY] Fedora 42 Update: rust-speakersafetyd-1.0.2-6.fc42

Speaker protection daemon for embedded Linux systems...

[SECURITY] Fedora 43 Update: rust-speakersafetyd-1.0.2-6.fc43

Speaker protection daemon for embedded Linux systems...

Our PR team awarded me the “The Best Positive Speaker 2025” metal pin for public speaking, articles, and media commentary

Our PR team awarded me the “The Best Positive Speaker 2025” metal pin for public speaking, articles, and media commentary. Huge thanks to my colleagues for this! I’m very pleased. 😇 The collection is growing. 😉 This time, the pin is styled like the Friends sitcom logo. It’s made of metal, coated...

ALGO 8180 IP Audio Alerter security vulnerability

ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a security vulnerability; this vulnerability stems from the web-based user interface, which allows direct requests for URLs, potentially leading to information leakage...

ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability

ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from a lack of validation for user input strings in the SAC module, which may lead to remote code...

CVE-2025-62648

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

CVE-2025-62648

CVE-2025-62648 affects Restaurant Brands International (RBI) assistant platform versions up to 2025-09-06. The connected CSAF document details multiple vulnerabilities: an unauthenticated account creation path via a signup API, cleartext transmission of passwords in email, a token with administra...

EUVD-2025-34924

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

EUVD-2020-3571

Malware in sbrugna...

EUVD-2019-14876

Malware in sbrugna...

EUVD-2020-29824

Malware in sbrugna...

EUVD-2020-6255

Malware in sbrugna...