Lucene search
+L

2878 matches found

Nuclei
Nuclei
added 15 hours ago15 views

Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read

An arbitrary file read vulnerability, also known as a "path traversal" or "directory traversal" vulnerability, occurs when an attacker is able to access files on a system that they shouldn't have access to. This vulnerability arises from improper input validation or insufficient access controls i...

8.7CVSS8.6AI score0.02125EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 7:53 a.m.39 views

CVE-2026-11387 SMS Alert <= 3.9.5 - Unauthenticated Privilege Escalation via Arbitrary Password Reset

The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.9.5. This is due to the plugin not properly validating a user's identity prior to updati...

9.8CVSS0.0038EPSS
Exploits1References8
EUVD
EUVD
added 2026/07/01 7:53 a.m.9 views

EUVD-2026-40922

The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.9.5. This is due to the plugin not properly validating a user's identity prior to updati...

9.8CVSS5.9AI score0.0038EPSS
Exploits1References8
The Hacker News
The Hacker News
added 2026/06/27 5:27 p.m.27 views

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

The Security Service of Ukraine SSU said it, together with the U.S. Federal Bureau of Investigation FBI, uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/23 1:7 p.m.4 views

OPENSUSE-SU-2026:21154-1 Security update for ofono

This update for ofono fixes the following issues: Changes in ofono: - Reference the tracking bugs for the SMS/STK/USSD decoder security fixes applied upstream across the 2.14-2.17 updates: SMS decoder stack buffer overflows: CVE-2023-2794 boo1218292, CVE-2023-4232 boo1218293, CVE-2023-4233...

8.1CVSS6.8AI score0.0124EPSS
Exploits4References32
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37639

Subscriber Privilege Escalation in SMS Alert Order Notifications = 3.9.4 versions...

9.8CVSS5.2AI score0.0045EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.11 views

EUVD-2026-37638

Unauthenticated Broken Authentication in SMS Alert Order Notifications = 3.9.3 versions...

7.5CVSS5.2AI score0.00381EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.11 views

EUVD-2025-210213

In multiple functions of btmsec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

4.3CVSS5.7AI score0.00191EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.13 views

CVE-2026-54803

Subscriber Privilege Escalation in SMS Alert Order Notifications = 3.9.4 versions...

9.8CVSS0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.34 views

CVE-2026-54803 WordPress SMS Alert Order Notifications plugin <= 3.9.4 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in SMS Alert Order Notifications = 3.9.4 versions...

9.8CVSS0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.32 views

CVE-2026-54802 WordPress SMS Alert Order Notifications plugin <= 3.9.3 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in SMS Alert Order Notifications = 3.9.3 versions...

7.5CVSS0.00381EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:51 a.m.23 views

CVE-2026-54802

CVE-2026-54802 affects the WordPress plugin “SMS Alert Order Notifications” (versions

7.5CVSS5.2AI score0.00381EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 7:21 a.m.14 views

CVE-2026-28587

CVE-2026-28587 affects the MmsSmsProvider component (MmsSmsProvider.java), enabling local information disclosure via a missing permission check. Exploitation requires no user interaction and does not require additional privileges; impact is confined to information disclosure. The vulnerability is...

10CVSS5.5AI score0.00115EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2026/06/16 1:10 p.m.25 views

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla , that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36993

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.8 views

CVE-2026-40790

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

6.5CVSS0.00326EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.32 views

CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

6.5CVSS0.00326EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.15 views

CVE-2026-40790

The CVE-2026-40790 entry concerns the WordPress WP SMS plugin, versions ≤ 7.2.1, with a Subscriber Sensitive Data Exposure vulnerability. The connected data specify a network-accessible issue with low attacker privileges, no user interaction, and high confidentiality impact (CVSS v3.1 base 6.5, M...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49428

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References2
Rows per page
Query Builder