Lucene search
K

75 matches found

attackerkb
attackerkb
added 2026/03/11 12:0 a.m.1 views

CVE-2025-66956

Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL...

9.9CVSS5.9AI score0.00485EPSS
Exploits0References4
osv
osv
added 2026/03/02 7:16 p.m.4 views

CVE-2025-48609

In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not...

9.1CVSS5.9AI score0.00263EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/02 6:42 p.m.3 views

CVE-2025-48609

In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not...

6.1AI score0.00263EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/02 6:42 p.m.19 views

CVE-2025-48609

In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not...

0.00263EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/02 6:42 p.m.2 views

CVE-2025-48609

In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not...

9.1CVSS6.1AI score0.00263EPSS
Exploits0References3Affected Software1
packetstormnews
packetstormnews
added 2026/01/14 12:0 a.m.13 views

Private Links, Public Leaks: Consequences of Frictionless User Experience on the Security and Privacy Posture of SMS-Delivered URLs

Digital service providers often prioritize a frictionless user experience by adopting technologies that simplify access to their services. One widely used mechanism is the Short Message Service SMS to deliver links URLs that enable single-click access to online services with little to no...

7.1AI score
Exploits0
cve
cve
added 2025/12/26 12:0 a.m.13 views

CVE-2025-66947

CVE-2025-66947 affects krishanmuraiji SMS v1.0. The flaw is a time-based SQL injection in /studentms/admin/edit-class-detail.php via the editid GET parameter, where unvalidated input can trigger SQL SLEEP() delays to infer database contents. Exploitation could lead to full database disclosure or ...

6.5CVSS7.6AI score0.00259EPSS
Exploits2References1Affected Software1
cnnvd
cnnvd
added 2025/11/21 12:0 a.m.7 views

WordPress plugin SMS Alert Order Notifications 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/10/28 9:51 a.m.11 views

CVE-2025-46583

There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack...

5.3CVSS6.8AI score0.00379EPSS
Exploits0References1
nvd
nvd
added 2025/10/27 10:15 a.m.7 views

CVE-2025-46583

There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack...

5.3CVSS0.00379EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/10/27 9:23 a.m.3 views

CVE-2025-46583 DOS Vulnerability in ZTE MC889A Pro product

There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack...

5.3CVSS6.4AI score0.00379EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/27 9:23 a.m.8 views

CVE-2025-46583 DOS Vulnerability in ZTE MC889A Pro product

There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack...

5.3CVSS0.00379EPSS
Exploits0References1
cve
cve
added 2025/10/27 9:23 a.m.9 views

CVE-2025-46583

The CVE-2025-46583 DoS vulnerability affects ZTE MC889A Pro due to insufficient validation of input parameters in the Short Message Service interface. The issue enables a network-exploitable DoS with low attack complexity and no authentication; impact is limited to Availability (CVE score 5.3, ME...

5.3CVSS6.5AI score0.00379EPSS
Exploits0References1
euvd
euvd
added 2025/10/27 9:23 a.m.5 views

EUVD-2025-36143

There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack...

5.3CVSS6.3AI score0.00379EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/10/27 12:0 a.m.6 views

PT-2025-43918

Name of the Vulnerable Software and Affected Versions ZTE MC889A Pro affected versions not specified Description A Denial of Service DoS issue exists in the ZTE MC889A Pro product. The root cause is inadequate validation of input parameters within the Short Message Service interface, which could...

5.3CVSS6.4AI score0.00379EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/10/27 12:0 a.m.5 views

ZTE MC889A Pro 安全漏洞

The ZTE MC889A Pro is a router from China's ZTE Corporation ZTE. The ZTE MC889A Pro suffers from a denial of service vulnerability that originates from insufficient validation of the input parameters of the SMS service interface, which can be exploited by an attacker to cause a denial of service...

5.3CVSS6.7AI score0.00379EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/22 2:32 p.m.12 views

CVE-2025-49915 WordPress SMS Alert Order Notifications plugin <= 3.8.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.5...

9.3CVSS0.00445EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-1454

Malware in sbrugna...

7.8CVSS6.4AI score0.01818EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-10304

Malware in sbrugna...

8.6CVSS8.6AI score0.0239EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-24812

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00357EPSS
Exploits0References3
Rows per page
Query Builder