Heap overflow

An issue was discovered on Samsung mobile devices with software through 2020-04-02 Exynos modem chipsets. There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 August 2020...

CVE-2020-25054

An issue was discovered on Samsung mobile devices with software through 2020-04-02 Exynos modem chipsets. There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 August 2020...

CVE-2020-25054

The CVE-2020-25054 issue affects Samsung mobile devices with Exynos modem chipsets up to 2020-04-02, involving a heap-based buffer over-read in the Shannon baseband. The entry identifies the Samsung internal ID SVE-2020-17239 (August 2020). Public data in the connected records confirms the vulner...

openSUSE Security Update : hylafax+ (openSUSE-2020-1209)

This update for hylafax+ fixes the following issues : Hylafax was updated to upstream version 7.0.3. Security issues fixed : - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...

OPENSUSE-SU-2020:1210-1 Security update for hylafax+

This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...

Security update for hylafax+ (moderate)

openSUSE Security Update: Security update for hylafax+ Announcement ID: openSUSE-SU-2020:1210-1 Rating: moderate References: 1173519 1173521 Cross-References: CVE-2020-15396 CVE-2020-15397 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description...

[SECURITY] Fedora 31 Update: hylafax+-7.0.3-1.fc31

HylaFAXtm is a enterprise-strength fax server supporting Class 1 and 2 fax modems on UNIX systems. It provides spooling services and numerous supporting fax management tools. The fax clients may reside on machines different from the server and client implementations exist for a number of platform...

Code injection

An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected...

Design/Logic Flaw

An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem...

CVE-2019-20032

An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem...

CVE-2020-12773

A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool...

CVE-2020-12773 Realtek ADSL/PON Modem SoC - Security Misconfiguration

A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool...

CVE-2020-12773

The CVE concerns Realtek ADSL/PON Modem SoC firmware SDK with a security misconfiguration that allows remote command execution via a built-in network monitoring tool. An attacker can exploit a default password to gain arbitrary command execution, compromising confidentiality, integrity, and avail...

Digi XBee 2 Command Execution Vulnerability

Digi XBee 2 is an embedded cellular modem from Digi USA. A security vulnerability exists in Digi XBee version 2, which stems from the product's failure to implement an effective protection mechanism against remote AT commands. A remote attacker can exploit the vulnerability to execute arbitrary...

CVE-2020-13109

Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 aka the IF subcommand to top-level command 7 has a stack-based buffer overflow...

Stack overflow

Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 aka the IF subcommand to top-level command 7 has a stack-based buffer overflow...

CVE-2020-13109

Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 aka the IF subcommand to top-level command 7 has a stack-based buffer overflow...

Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2021-46568)

NETGEAR D3600 and others are products of NETGEAR, Inc.NETGEAR D3600 is a wireless modem.NETGEAR D6100 is a wireless modem.NETGEAR R6100 is a wireless router.NETGEAR R6100 is a wireless router.NETGEAR R6100 is a wireless router.NETGEAR R6100 is a wireless router.NETGEAR R6100 is a wireless...

Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2021-46567)

NETGEAR D3600 and others are products of NETGEAR, Inc.NETGEAR D3600 is a wireless modem.NETGEAR R7500 is a wireless router.NETGEAR D6100 is a wireless modem.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless...

Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2021-46565)

NETGEAR D3600 and others are products of NETGEAR, Inc.NETGEAR D3600 is a wireless modem.NETGEAR D6100 is a wireless modem.NETGEAR R6100 is a wireless router.NETGEAR R6100 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products. The vulnerability originates when a...