21 matches found
CVE-2026-23739
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the astxmlopen function in xml.c parses XML documents using libxml with unsafe parsing options that enable entity expansion and XInclude processing...
EUVD-2023-54107
Malicious code in bioql PyPI...
EUVD-2023-54106
Malicious code in bioql PyPI...
Asterisk: Multiple Vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from a stack-based buffer overflow code execution vulnerability found in the CUSD module...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from a heap-based buffer overflow elevation of privilege vulnerability found in the SimToolKit module...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from a heap-based buffer overflow elevation of privilege vulnerability found in the SimToolKit module...
Fedora 40 : ofono (2024-c42ea059d0)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c42ea059d0 advisory. Update to v2.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
CVE-2023-4233
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...
CVE-2023-4232
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
UBUNTU-CVE-2023-4234
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodesubmitreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4235
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliverreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4233
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...
CVE-2023-4232 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4232 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono versions prior to 2.1, which stems from a stack overflow error triggered by the decodestatusreport function during SMS decoding...
CVE-2023-2794
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...
CVE-2023-2794
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...
CVE-2023-2794 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...
CVE-2023-2794 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...