CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1164 matches found

RedhatCVE•added 2026/01/09 12:29 p.m.•2 views

CVE-2023-40636

In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed...

4.4CVSS5.5AI score0.00012EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:28 p.m.•3 views

CVE-2023-40638

In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed...

4.4CVSS6AI score0.00011EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:17 a.m.•8 views

CVE-2025-1587

A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer overflow. Local acce...

7.8CVSS5.4AI score0.00029EPSS

Exploits1References1

The Hacker News•added 2025/12/17 11:12 a.m.•12 views

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research is tracking the cluster under the name Ink Dragon. It's also referenced by t...

7.3AI score

Exploits0

The Hacker News•added 2025/12/02 5:46 p.m.•5 views

India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse

India's Department of Telecommunications DoT has issued directions to app-based communication service providers to ensure that the platforms cannot be used without an active SIM card linked to the user's mobile number. To that end, messaging apps like WhatsApp, Telegram, Snapchat, Arattai,...

7.1AI score

Exploits0

The Hacker News•added 2025/12/01 5:55 p.m.•6 views

India Orders Phone Makers to Pre-Install Government App to Tackle Telecom Fraud

India's telecommunications ministry has ordered major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to a report from Reuters, the app cannot be deleted or disabled from users' devices. Sanchar Saathi,...

6.4AI score

Exploits0

GithubExploit•added 2025/11/27 9:38 p.m.•136 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-3243...

10CVSS7AI score0.59319EPSS

Exploits35

Cvelist•added 2025/11/17 3:24 a.m.•5 views

CVE-2025-13282 Chunghwa Telecom｜TenderDocTransfer - Arbitrary File Delete

TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File Delete vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could use thes...

8.1CVSS0.00532EPSS

Exploits0References2

CNNVD•added 2025/11/17 12:0 a.m.•2 views

Chunghwa Telecom TenderDocTransfer 跨站请求伪造漏洞

Chunghwa Telecom TenderDocTransfer is an application from Chunghwa Telecom China. Chunghwa Telecom TenderDocTransfer suffers from a cross-site request forgery vulnerability that stems from a lack of CSRF protection in the API and the presence of absolute path traversal, which could lead to an...

8.1CVSS6.8AI score0.00532EPSS

Exploits0References2

HackRead•added 2025/10/30 4:29 p.m.•3 views

Year-Long Nation-State Hack Hits US Telecom Ribbon Communications

Ribbon Communications discloses a year-long breach by nation-state actors. The attack highlights critical supply chain risk, reflecting the Salt Typhoon and F5 espionage trends...

7AI score

Exploits0

Rapid7 Blog•added 2025/10/30 3:36 p.m.•7 views

Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know

The Rapid7 Threat Focus: Salt Typhoon report profiles one of the most sophisticated and persistent state-sponsored threat actors operating today. Salt Typhoon, a Chinese espionage advanced persistent threat APT group linked to the Ministry of State Security MSS, has spent years infiltrating globa...

7.1AI score

Exploits0

The Hacker News•added 2025/10/22 12:56 p.m.•11 views

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as...

9.8CVSS9.7AI score0.93551EPSS

Exploits45

HackRead•added 2025/10/21 7:6 p.m.•6 views

Salt Typhoon APT Targets Global Telecom and Energy Sectors, Says Darktrace

The China-linked Salt Typhoon APT group attacked a European telecom via a Citrix NetScaler vulnerability in July 2025, Darktrace reports. This follows past US Army and telecom breaches...

7AI score

Exploits0

The Hacker News•added 2025/10/19 6:13 a.m.•9 views

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service CaaS platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud. The coordinated law enforcement effort, dubbed Operation...

7AI score

Exploits0