17 matches found
CVE-2025-46287
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2. An attacker may be able to spoof their FaceTi...
EUVD-2007-1814
Malware in sbrugna...
EUVD-2007-1815
Malware in sbrugna...
SIP Invite Spoof
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SIP Invite Spoof', 'Description' = %q This module will create a fake SIP invite request making the targeted device ring and display fake caller i...
Swatting-as-a-Service is a growing and complicated problem to solve
One Telegram channel has been found to be behind a great deal of swatting incidents in the US. Using the anonymity provided by Telegram, caller ID spoofing, and voices generated by Artificial Intelligence AI, a person or group of persons calling themselves Torswats is suspected to be behind dozen...
SUSE CVE-2017-8422
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app...
Uber security alert scam spoofs real Uber number—Watch out!
This morning Malwarebytes Labs received a scam masquerading as a security alert from Uber. The alert was pretty convincing and used the kind of language were used to seeing in genuine security emails and SMS messages. It read: Your Uber account was recently logged into from iPhone in London. If...
Kamailio 5.4.0 Header Smuggling
Kamailio vulnerable to header smuggling possible due to bypass of removehf - Fixed versions: Kamailio v5.4.0 - Enable Security Advisory: - Tested vulnerable versions: 5.3.5 and earlier - Timeline: - Report date & issue patched by Kamailio: 2020-07-16 - Kamailio rewrite for header parser better fi...
Kamailio 5.4.0 Header Smuggling Exploit
Kamailio version 5.4.0 is vulnerable to header smuggling via a bypass of removehf. Kamailio vulnerable to header smuggling possible due to bypass of removehf - Fixed versions: Kamailio v5.4.0 - Enable Security Advisory: - Tested vulnerable versions: 5.3.5 and earlier - Timeline: - Report date &...
Would You Have Fallen for This Phone Scam?
You may have heard that today's phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. But you probably didn't know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on you...
UBUNTU-CVE-2017-8422
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app...
InTerCyber company in the message in the system discovered a serious vulnerability-a vulnerability warning-the black bar safety net
According to foreign media the latest report, information security company InTheCyber Security Studies experts discovered a serious vulnerability, this vulnerability or can affect the message system security. Note that this vulnerability using the method is not difficult, an attacker can easily...
CVE-2016-0847
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to spoof the originating telephone number of a call via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26864502...
CVE-2007-5469
OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication forward attack". NOT...
CVE-2007-5468
Cisco CallManager 5.1.1.3000-5 is vulnerable because it does not verify the Digest authentication header URI against the SIP Request URI. This allows remote attackers to use sniffed Digest credentials to place arbitrary calls or spoof caller ID (toll fraud and authentication forward attack). The ...
Design/Logic Flaw
Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...
Voice mail systems allow administrative access based on Caller ID
Overview Certain voice mail systems trust Calling Number Identification CNID, Caller ID to authenticate administrative access to voice mail accounts. Caller ID can be easily spoofed, allowing an attacker to gain control over a vulnerable voice mailbox. Description Some voice mail systems use Call...