Lucene search
K

75 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.5 views

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM...

7.8CVSS7AI score0.0014EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/17 12:0 a.m.8 views

The vulnerability of the SMS decoder in the OFono mobile phone stack allows a hacker to execute arbitrary codes.

The vulnerability of the SMS decoder in the OFono mobile phone stack is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a hacker to execute arbitrary codes...

7CVSS7.8AI score0.0025EPSS
Exploits0References6Affected Software2
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.4 views

Forever CALL ME KW-50和Forever CALL ME KW-60 安全漏洞

The Forever CALL ME KW-50 and Forever CALL ME KW-60 are both children's phone watches from Forever. Forever CALL ME KW-50 R36YDRA3PWGM7SV1.02019071516.19.24cobh version and Forever CALL ME KW-60 R36CWYDES4A292V1.02023.05.2422.49.44 A security vulnerability exists in the cobb version that stems fr...

9.8CVSS6.8AI score0.00395EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.6 views

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking in smsExtractCbLanguage in smsCellBroadcast.c, which can be exploited by an attacker to cause an out-of-bounds read...

7.5CVSS7.2AI score0.00207EPSS
Exploits0References2
OSV
OSV
added 2024/09/18 2:15 a.m.4 views

CVE-2022-39068

There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack...

6.5CVSS6.1AI score0.00402EPSS
Exploits0References1
OSV
OSV
added 2024/08/12 1:38 p.m.4 views

UBUNTU-CVE-2024-22122

Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...

9.1CVSS5.9AI score0.01606EPSS
Exploits0References3
OSV
OSV
added 2024/08/06 12:15 a.m.1 views

DEBIAN-CVE-2024-7547

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

7.8CVSS7.6AI score0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.4 views

oFono 缓冲区错误漏洞

oFono is an open source telephony communication framework open-sourced by UBports. A buffer error vulnerability exists in oFono, which stems from an out-of-bounds read vulnerability found in the QMI SMS Handling module...

5.5CVSS4.4AI score0.00296EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.5 views

oFono 安全漏洞

oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono versions prior to 2.1, which stems from a stack overflow error triggered by the smsdecodeaddressfield function during SMS PDU decoding...

8.1CVSS7.9AI score0.01006EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/01 12:0 a.m.4 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that results from a denial of service when handling non-standard sized SMS containers received in a DL NAS transport in NR...

7.5CVSS6.5AI score0.00324EPSS
Exploits0References3
OSV
OSV
added 2024/03/27 6:15 a.m.5 views

CVE-2024-25920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP SMS: from n/a through 6.3.4...

5.4CVSS5.8AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/10 12:0 a.m.5 views

ZTE MF258 Cross-Site Scripting Vulnerability

The ZTE MF258 is a desktop router from ZTE Corporation ZTE, China. A cross-site scripting vulnerability exists in the ZTE MF258 version prior to ZTESTDV1.0.0B11, which stems from insufficient validation of SMS interface parameter inputs, resulting in a cross-site scripting attack...

6.1CVSS6.1AI score0.00323EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.5 views

PT-2024-12971 · Zte · Zte Mf258

Name of the Vulnerable Software and Affected Versions: ZTE MF258 affected versions not specified Description: There is a Cross-site scripting XSS issue due to insufficient input validation of the SMS interface parameter, which can trigger an XSS attack. Recommendations: At the moment, there is no...

6.1CVSS6AI score0.00323EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.7 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets, which is caused by a memory corruption in the wireless interface layer when sending an SMS or writing an SMS to a SIM...

7.8CVSS7.7AI score0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.4 views

PT-2023-7966

Name of the Vulnerable Software and Affected Versions ofono affected versions not specified Description A flaw was found in ofono, an Open Source Telephony on Linux, where a stack overflow bug is triggered within the sms decode address field function during the SMS PDU decoding. This issue can be...

8.1CVSS7.4AI score0.01006EPSS
Exploits0References63
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.6 views

Kalkun 跨站脚本漏洞

Kalkun is an open source web-based SMS Short Message Service manager from sourceforge. A cross-site scripting vulnerability exists in Kalkun version 0.8.0. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...

6.1CVSS5.9AI score0.00434EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/05/03 8:15 p.m.5 views

CVE-2022-20093

In telephony, there is a possible way to disable receiving SMS messages due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498868; Issue ID: ALPS064988...

7.8CVSS7.2AI score0.00098EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/10 5:47 p.m.3 views

CVE-2022-25821

Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read...

7.1CVSS7.2AI score0.00109EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/01 12:0 a.m.4 views

Wokka Lokka Q50 信息泄露漏洞

The Wokka Lokka Q50 is a children's smartwatch from Wokka Lokka USA. The Wokka Lokka Q50 suffers from an information disclosure vulnerability that originates from allowing a remote attacker knowing the SIM phone number and passcode to listen to the device's surroundings via callbacks in SMS...

9.3CVSS7.8AI score0.01041EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for python-rtslib (EulerOS-SA-2021-2164)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.8AI score0.0239EPSS
Exploits0References2
Rows per page
Query Builder