CVE-2025-48913

If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility. Users are recommended to upgrade to versions 3.6.8...

PT-2025-32329

Name of the Vulnerable Software and Affected Versions Apache CXF versions prior to 3.6.8 Apache CXF versions prior to 4.0.9 Apache CXF versions prior to 4.1.3 Description If untrusted users are permitted to configure JMS Java Message Service for Apache CXF, they could use RMI Remote Method...

Asrmicro ASR Series 安全漏洞

Asrmicro ASR Series is a series of chips from China's Avantage Technology Asrmicro. A security vulnerability exists in Asrmicro ASR Series, which originates from a resource leak in the sms.c file in router...

VulnCheck KEV: CVE-2025-48925

The TeleMessage service through 2025-05-05 relies on the client side e.g., the TM SGNL app to do MD5 hashing, and then accepts the hash as the authentication credential...

CVE-2024-3182

Install-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.2.2 and 6.2.3 allows user's Enterprise Message Service EMS password to be exposed outside of the hawkagent.cfg and hawkevent.cfg config files...

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM...

Unspecified Vulnerability in Moodle

Moodle is a free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from an insufficient message service capability check, and can be exploited by an attacker to...

Moodle 安全漏洞

Moodle is a free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from an insufficient message service capability check, and can be exploited by an attacker to...

The vulnerability of the SMS decoder in the OFono mobile phone stack allows a hacker to execute arbitrary codes.

The vulnerability of the SMS decoder in the OFono mobile phone stack is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a hacker to execute arbitrary codes...

Forever CALL ME KW-50和Forever CALL ME KW-60 安全漏洞

The Forever CALL ME KW-50 and Forever CALL ME KW-60 are both children's phone watches from Forever. Forever CALL ME KW-50 R36YDRA3PWGM7SV1.02019071516.19.24cobh version and Forever CALL ME KW-60 R36CWYDES4A292V1.02023.05.2422.49.44 A security vulnerability exists in the cobb version that stems fr...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking in smsExtractCbLanguage in smsCellBroadcast.c, which can be exploited by an attacker to cause an out-of-bounds read...

CVE-2022-39068

There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack...

UBUNTU-CVE-2024-22122

Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...

DEBIAN-CVE-2024-7547

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

oFono 缓冲区错误漏洞

oFono is an open source telephony communication framework open-sourced by UBports. A buffer error vulnerability exists in oFono, which stems from an out-of-bounds read vulnerability found in the QMI SMS Handling module...

CVE-2024-3182

Install-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.2.2 and 6.2.3 allows user's Enterprise Message Service EMS password to be exposed outside of the hawkagent.cfg and hawkevent.cfg config files...

CVE-2024-3182

Install-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.2.2 and 6.2.3 allows user's Enterprise Message Service EMS password to be exposed outside of the hawkagent.cfg and hawkevent.cfg config files...

CVE-2024-3182

Install-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.2.2 and 6.2.3 allows user's Enterprise Message Service EMS password to be exposed outside of the hawkagent.cfg and hawkevent.cfg config files...

oFono 安全漏洞

oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono versions prior to 2.1, which stems from a stack overflow error triggered by the smsdecodeaddressfield function during SMS PDU decoding...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that results from a denial of service when handling non-standard sized SMS containers received in a DL NAS transport in NR...