CVE-2025-49494

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service...

CVE-2025-20727

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20726

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20726

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20726

CVE-2025-20726 affects MediaTek’s Modem, where an incorrect bounds check enables an out-of-bounds write. This could permit remote escalation of privilege if a user equipment (UE) connects to a rogue base station; exploitation requires no user interaction. A patch is available as MOLY01672598 (MSV...

CVE-2025-20726

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20727

CVE-2025-20727 affects MediaTek MoLY modem software, describing a heap-buffer overflow that enables out-of-bounds writes and remote escalation of privilege when a UE connects to a rogue base station. The vulnerability arises from an out-of-bounds write in the Modem component, with no user interac...

CVE-2025-20727

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20727

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

PT-2025-44966

Name of the Vulnerable Software and Affected Versions Huawei Modem affected versions not specified Description A heap buffer overflow exists in the Modem software that could lead to remote escalation of privilege. An attacker could exploit this by controlling a rogue base station to which a User...

PT-2025-44965

Name of the Vulnerable Software and Affected Versions Huawei Modem affected versions not specified Description The Huawei Modem contains a flaw where an incorrect bounds check can lead to an out-of-bounds write. This condition could allow for remote escalation of privilege if a User Equipment UE...

SAMSUNG多款产品 安全漏洞

SAMSUNG Exynos is a range of processors from South Korean company Samsung SAMSUNG. A security vulnerability exists in a number of SAMSUNG products, which stems from mishandling of 5G NRMM packets and could lead to a denial of service. The following products are affected: Exynos 2100, 1280, 2200,...

CVE-2025-49494

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service...

PT-2025-45020

Name of the Vulnerable Software and Affected Versions Samsung Exynos 980 Samsung Exynos 990 Samsung Exynos 850 Samsung Exynos 2100 Samsung Exynos 1280 Samsung Exynos 2200 Samsung Exynos 1330 Samsung Exynos 1380 Samsung Exynos 1480 Samsung Exynos 2400 Samsung Exynos 1580 Samsung Exynos 2500 Samsun...

EUVD-2023-60047

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40071

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

CVE-2025-26781

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service...

CVE-2025-40069

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix obj leak in VMBIND error path If we fail a handle-lookup part way thru, we need to drop the already obtained obj references. Patchwork: https://patchwork.freedesktop.org/patch/669784/...

CVE-2025-40071

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

AZL-68942 CVE-2025-40071 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...